| <html><body> |
| <style> |
| |
| body, h1, h2, h3, div, span, p, pre, a { |
| margin: 0; |
| padding: 0; |
| border: 0; |
| font-weight: inherit; |
| font-style: inherit; |
| font-size: 100%; |
| font-family: inherit; |
| vertical-align: baseline; |
| } |
| |
| body { |
| font-size: 13px; |
| padding: 1em; |
| } |
| |
| h1 { |
| font-size: 26px; |
| margin-bottom: 1em; |
| } |
| |
| h2 { |
| font-size: 24px; |
| margin-bottom: 1em; |
| } |
| |
| h3 { |
| font-size: 20px; |
| margin-bottom: 1em; |
| margin-top: 1em; |
| } |
| |
| pre, code { |
| line-height: 1.5; |
| font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; |
| } |
| |
| pre { |
| margin-top: 0.5em; |
| } |
| |
| h1, h2, h3, p { |
| font-family: Arial, sans serif; |
| } |
| |
| h1, h2, h3 { |
| border-bottom: solid #CCC 1px; |
| } |
| |
| .toc_element { |
| margin-top: 0.5em; |
| } |
| |
| .firstline { |
| margin-left: 2 em; |
| } |
| |
| .method { |
| margin-top: 1em; |
| border: solid 1px #CCC; |
| padding: 1em; |
| background: #EEE; |
| } |
| |
| .details { |
| font-weight: bold; |
| font-size: 14px; |
| } |
| |
| </style> |
| |
| <h1><a href="compute_alpha.html">Compute Engine API</a> . <a href="compute_alpha.licenses.html">licenses</a></h1> |
| <h2>Instance Methods</h2> |
| <p class="toc_element"> |
| <code><a href="#close">close()</a></code></p> |
| <p class="firstline">Close httplib2 connections.</p> |
| <p class="toc_element"> |
| <code><a href="#delete">delete(project, license, requestId=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Deletes the specified license.</p> |
| <p class="toc_element"> |
| <code><a href="#get">get(project, license, x__xgafv=None)</a></code></p> |
| <p class="firstline">Returns the specified License resource.</p> |
| <p class="toc_element"> |
| <code><a href="#getIamPolicy">getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Gets the access control policy for a resource. May be empty if no such</p> |
| <p class="toc_element"> |
| <code><a href="#insert">insert(project, body=None, requestId=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Create a License resource in the specified project.</p> |
| <p class="toc_element"> |
| <code><a href="#list">list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Retrieves the list of licenses</p> |
| <p class="toc_element"> |
| <code><a href="#list_next">list_next()</a></code></p> |
| <p class="firstline">Retrieves the next page of results.</p> |
| <p class="toc_element"> |
| <code><a href="#setIamPolicy">setIamPolicy(project, resource, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Sets the access control policy on the specified resource.</p> |
| <p class="toc_element"> |
| <code><a href="#testIamPermissions">testIamPermissions(project, resource, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Returns permissions that a caller has on the specified resource.</p> |
| <p class="toc_element"> |
| <code><a href="#update">update(project, license, body=None, requestId=None, updateMask=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Updates a License resource in the specified project.</p> |
| <h3>Method Details</h3> |
| <div class="method"> |
| <code class="details" id="close">close()</code> |
| <pre>Close httplib2 connections.</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="delete">delete(project, license, requestId=None, x__xgafv=None)</code> |
| <pre>Deletes the specified license. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| license: string, Name of the license resource to delete. (required) |
| requestId: string, An optional request ID to identify requests. Specify a unique request ID so |
| that if you must retry your request, the server will know to ignore the |
| request if it has already been completed. |
| |
| For example, consider a situation where you make an initial request and |
| the request times out. If you make the request again with the same |
| request ID, the server can check if original operation with the same |
| request ID was received, and if so, will ignore the second request. This |
| prevents clients from accidentally creating duplicate commitments. |
| |
| The request ID must be |
| a valid UUID with the exception that zero UUID is not supported |
| (00000000-0000-0000-0000-000000000000). |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Represents an Operation resource. |
| # |
| # Google Compute Engine has three Operation resources: |
| # |
| # * [Global](/compute/docs/reference/rest/alpha/globalOperations) |
| # * [Regional](/compute/docs/reference/rest/alpha/regionOperations) |
| # * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) |
| # |
| # You can use an operation resource to manage asynchronous API requests. |
| # For more information, readHandling |
| # API responses. |
| # |
| # Operations can be global, regional or zonal. |
| # |
| # - For global operations, use the `globalOperations` |
| # resource. |
| # - For regional operations, use the |
| # `regionOperations` resource. |
| # - For zonal operations, use |
| # the `zoneOperations` resource. |
| # |
| # |
| # |
| # For more information, read |
| # Global, Regional, and Zonal Resources. |
| # |
| # Note that completed Operation resources have a limited |
| # retention period. |
| "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. |
| # Not present otherwise. |
| "creationTimestamp": "A String", # [Deprecated] This field is deprecated. |
| "description": "A String", # [Output Only] A textual description of the operation, which is |
| # set when the operation is created. |
| "endTime": "A String", # [Output Only] The time that this operation was completed. This value is inRFC3339 |
| # text format. |
| "error": { # [Output Only] If errors are generated during processing of the operation, |
| # this field will be populated. |
| "errors": [ # [Output Only] The array of errors encountered while processing this |
| # operation. |
| { |
| "code": "A String", # [Output Only] The error type identifier for this error. |
| "errorDetails": [ # [Output Only] An optional list of messages that contain the error |
| # details. There is a set of defined message types to use for providing |
| # details.The syntax depends on the error code. For example, |
| # QuotaExceededInfo will have details when the error code is |
| # QUOTA_EXCEEDED. |
| { |
| "errorInfo": { # Describes the cause of the error with structured details. |
| # |
| # Example of an error when contacting the "pubsub.googleapis.com" API when it |
| # is not enabled: |
| # |
| # { "reason": "API_DISABLED" |
| # "domain": "googleapis.com" |
| # "metadata": { |
| # "resource": "projects/123", |
| # "service": "pubsub.googleapis.com" |
| # } |
| # } |
| # |
| # This response indicates that the pubsub.googleapis.com API is not enabled. |
| # |
| # Example of an error that is returned when attempting to create a Spanner |
| # instance in a region that is out of stock: |
| # |
| # { "reason": "STOCKOUT" |
| # "domain": "spanner.googleapis.com", |
| # "metadata": { |
| # "availableRegions": "us-central1,us-east2" |
| # } |
| # } |
| "domain": "A String", # The logical grouping to which the "reason" belongs. The error domain |
| # is typically the registered service name of the tool or product that |
| # generates the error. Example: "pubsub.googleapis.com". If the error is |
| # generated by some common infrastructure, the error domain must be a |
| # globally unique value that identifies the infrastructure. For Google API |
| # infrastructure, the error domain is "googleapis.com". |
| "metadatas": { # Additional structured details about this error. |
| # |
| # Keys must match a regular expression of `a-z+` but should |
| # ideally be lowerCamelCase. Also, they must be limited to 64 characters in |
| # length. When identifying the current value of an exceeded limit, the units |
| # should be contained in the key, not the value. For example, rather than |
| # `{"instanceLimit": "100/request"}`, should be returned as, |
| # `{"instanceLimitPerRequest": "100"}`, if the client exceeds the number of |
| # instances that can be created in a single (batch) request. |
| "a_key": "A String", |
| }, |
| "reason": "A String", # The reason of the error. This is a constant value that identifies the |
| # proximate cause of the error. Error reasons are unique within a particular |
| # domain of errors. This should be at most 63 characters and match a |
| # regular expression of `A-Z+[A-Z0-9]`, which represents |
| # UPPER_SNAKE_CASE. |
| }, |
| "help": { # Provides links to documentation or for performing an out of band action. |
| # |
| # For example, if a quota check failed with an error indicating the calling |
| # project hasn't enabled the accessed service, this can contain a URL pointing |
| # directly to the right place in the developer console to flip the bit. |
| "links": [ # URL(s) pointing to additional information on handling the current error. |
| { # Describes a URL link. |
| "description": "A String", # Describes what the link offers. |
| "url": "A String", # The URL of the link. |
| }, |
| ], |
| }, |
| "localizedMessage": { # Provides a localized error message that is safe to return to the user |
| # which can be attached to an RPC error. |
| "locale": "A String", # The locale used following the specification defined at |
| # https://www.rfc-editor.org/rfc/bcp/bcp47.txt. |
| # Examples are: "en-US", "fr-CH", "es-MX" |
| "message": "A String", # The localized error message in the above locale. |
| }, |
| "quotaInfo": { # Additional details for quota exceeded error for resource quota. |
| "dimensions": { # The map holding related quota dimensions. |
| "a_key": "A String", |
| }, |
| "futureLimit": 3.14, # Future quota limit being rolled out. The limit's unit depends on the quota |
| # type or metric. |
| "limit": 3.14, # Current effective quota limit. The limit's unit depends on the quota type |
| # or metric. |
| "limitName": "A String", # The name of the quota limit. |
| "metricName": "A String", # The Compute Engine quota metric name. |
| "rolloutStatus": "A String", # Rollout status of the future quota limit. |
| }, |
| }, |
| ], |
| "location": "A String", # [Output Only] Indicates the field in the request that caused the error. |
| # This property is optional. |
| "message": "A String", # [Output Only] An optional, human-readable error message. |
| }, |
| ], |
| }, |
| "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error |
| # message that was returned, such as `NOT FOUND`. |
| "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error |
| # status code that was returned. For example, a `404` means the |
| # resource was not found. |
| "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is |
| # defined by the server. |
| "insertTime": "A String", # [Output Only] The time that this operation was requested. |
| # This value is inRFC3339 |
| # text format. |
| "instancesBulkInsertOperationMetadata": { |
| "perLocationStatus": { # Status information per location (location name is key). |
| # Example key: zones/us-central1-a |
| "a_key": { |
| "createdVmCount": 42, # [Output Only] Count of VMs successfully created so far. |
| "deletedVmCount": 42, # [Output Only] Count of VMs that got deleted during rollback. |
| "failedToCreateVmCount": 42, # [Output Only] Count of VMs that started creating but encountered an |
| # error. |
| "status": "A String", # [Output Only] Creation status of BulkInsert operation - information |
| # if the flow is rolling forward or rolling back. |
| "targetVmCount": 42, # [Output Only] Count of VMs originally planned to be created. |
| }, |
| }, |
| }, |
| "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for |
| # Operation resources. |
| "name": "A String", # [Output Only] Name of the operation. |
| "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a |
| # group of operations results from a `bulkInsert` API request. |
| "operationType": "A String", # [Output Only] The type of operation, such as `insert`, |
| # `update`, or `delete`, and so on. |
| "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. |
| # There is no requirement that this be linear or support any granularity of |
| # operations. This should not be used to guess when the operation will be |
| # complete. This number should monotonically increase as the operation |
| # progresses. |
| "region": "A String", # [Output Only] The URL of the region where the operation resides. Only |
| # applicable when performing regional operations. |
| "selfLink": "A String", # [Output Only] Server-defined URL for the resource. |
| "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. |
| "setCommonInstanceMetadataOperationMetadata": { # [Output Only] If the operation is for projects.setCommonInstanceMetadata, |
| # this field will contain information on all underlying zonal actions and |
| # their state. |
| "clientOperationId": "A String", # [Output Only] The client operation id. |
| "perLocationOperations": { # [Output Only] Status information per location (location name is key). |
| # Example key: zones/us-central1-a |
| "a_key": { |
| "error": { # The `Status` type defines a logical error model that is suitable for # [Output Only] If state is `ABANDONED` or `FAILED`, this field is |
| # populated. |
| # different programming environments, including REST APIs and RPC APIs. It is |
| # used by [gRPC](https://github.com/grpc). Each `Status` message contains |
| # three pieces of data: error code, error message, and error details. |
| # |
| # You can find out more about this error model and how to work with it in the |
| # [API Design Guide](https://cloud.google.com/apis/design/errors). |
| "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| "details": [ # A list of messages that carry the error details. There is a common set of |
| # message types for APIs to use. |
| { |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| ], |
| "message": "A String", # A developer-facing error message, which should be in English. Any |
| # user-facing error message should be localized and sent in the |
| # google.rpc.Status.details field, or localized by the client. |
| }, |
| "state": "A String", # [Output Only] Status of the action, which can be one of the following: |
| # `PROPAGATING`, `PROPAGATED`, `ABANDONED`, `FAILED`, or `DONE`. |
| }, |
| }, |
| }, |
| "startTime": "A String", # [Output Only] The time that this operation was started by the server. |
| # This value is inRFC3339 |
| # text format. |
| "status": "A String", # [Output Only] The status of the operation, which can be one of the |
| # following: |
| # `PENDING`, `RUNNING`, or `DONE`. |
| "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the |
| # operation. |
| "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation |
| # of the target resource. |
| "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For |
| # operations related to creating a snapshot, this points to the disk |
| # that the snapshot was created from. |
| "user": "A String", # [Output Only] User who requested the operation, for example: |
| # `[email protected]` or |
| # `alice_smith_identifier (global/workforcePools/example-com-us-employees)`. |
| "warnings": [ # [Output Only] If warning messages are generated during processing of the |
| # operation, this field will be populated. |
| { |
| "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute |
| # Engine returns NO_RESULTS_ON_PAGE if there |
| # are no results in the response. |
| "data": [ # [Output Only] Metadata about this warning in key: |
| # value format. For example: |
| # |
| # "data": [ |
| # { |
| # "key": "scope", |
| # "value": "zones/us-east1-d" |
| # } |
| { |
| "key": "A String", # [Output Only] A key that provides more detail on the warning being |
| # returned. For example, for warnings where there are no results in a list |
| # request for a particular zone, this key might be scope and |
| # the key value might be the zone name. Other examples might be a key |
| # indicating a deprecated resource and a suggested replacement, or a |
| # warning about invalid network settings (for example, if an instance |
| # attempts to perform IP forwarding but is not enabled for IP forwarding). |
| "value": "A String", # [Output Only] A warning data value corresponding to the key. |
| }, |
| ], |
| "message": "A String", # [Output Only] A human-readable description of the warning code. |
| }, |
| ], |
| "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only |
| # applicable when performing per-zone operations. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="get">get(project, license, x__xgafv=None)</code> |
| <pre>Returns the specified License resource. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| license: string, Name of the License resource to return. (required) |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Represents a License resource. |
| # |
| # A License represents billing and aggregate usage data forpublic andmarketplace images. |
| # *Caution* This resource is intended for |
| # use only by third-party partners who are creatingCloud Marketplace |
| # images. |
| "allowedReplacementLicenses": [ # Specifies licenseCodes of licenses that can replace this license. Note: |
| # such replacements are allowed even if removable_from_disk is false. |
| "A String", |
| ], |
| "appendableToDisk": True or False, # If true, this license can be appended to an existing disk's set of |
| # licenses. |
| "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license |
| # charges a usage fee. |
| "creationTimestamp": "A String", # [Output Only] Creation timestamp inRFC3339 |
| # text format. |
| "description": "A String", # An optional textual description of the resource; provided by the client |
| # when the resource is created. |
| "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is |
| # defined by the server. |
| "incompatibleLicenses": [ # Specifies licenseCodes of licenses that are incompatible with this license. |
| # If a license is incompatible with this license, it cannot be attached to |
| # the same disk or image. |
| "A String", |
| ], |
| "kind": "compute#license", # [Output Only] Type of resource. Always compute#license for |
| # licenses. |
| "licenseCode": "A String", # [Output Only] The unique code used to attach this license to images, |
| # snapshots, and disks. |
| "minimumRetention": { # A Duration represents a fixed-length span of time represented # If set, this license will be unable to be removed or replaced once attached |
| # to a disk until the minimum_retention period has passed. |
| # as a count of seconds and fractions of seconds at nanosecond |
| # resolution. It is independent of any calendar and concepts like "day" |
| # or "month". Range is approximately 10,000 years. |
| "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. |
| # Durations less than one second are represented with a 0 |
| # `seconds` field and a positive `nanos` field. Must be from 0 |
| # to 999,999,999 inclusive. |
| "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 |
| # to 315,576,000,000 inclusive. Note: these bounds are computed from: |
| # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years |
| }, |
| "multiTenantOnly": True or False, # If true, this license can only be used on VMs on multi tenant nodes. |
| "name": "A String", # Name of the resource. The name must be 1-63 characters long and |
| # comply withRFC1035. |
| "osLicense": True or False, # If true, indicates this is an OS license. Only one OS license can be |
| # attached to a disk or image at a time. |
| "removableFromDisk": True or False, # If true, this license can be removed from a disk's set of licenses, with no |
| # replacement license needed. |
| "requiredCoattachedLicenses": [ # Specifies the set of permissible coattached licenseCodes of licenses that |
| # satisfy the coattachment requirement of this license. At least one license |
| # from the set must be attached to the same disk or image as this license. |
| "A String", |
| ], |
| "resourceRequirements": { # [Input Only] Deprecated. |
| "minGuestCpuCount": 42, # [Input Only] Deprecated. This field no longer reflects the minimum number |
| # of guest cpus required to use the Instance. |
| "minMemoryMb": 42, # [Input Only] Deprecated. This field no longer reflects the minimum memory |
| # required to use the Instance. |
| }, |
| "selfLink": "A String", # [Output Only] Server-defined URL for the resource. |
| "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. |
| "soleTenantOnly": True or False, # If true, this license can only be used on VMs on sole tenant nodes. |
| "transferable": True or False, # If false, licenses will not be copied from the source resource when |
| # creating an image from a disk, disk from snapshot, or snapshot from disk. |
| "updateTimestamp": "A String", # [Output Only] Last update timestamp inRFC3339 |
| # text format. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="getIamPolicy">getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)</code> |
| <pre>Gets the access control policy for a resource. May be empty if no such |
| policy or resource exists. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| resource: string, Name or id of the resource for this request. (required) |
| optionsRequestedPolicyVersion: integer, Requested IAM Policy version. |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # An Identity and Access Management (IAM) policy, which specifies access |
| # controls for Google Cloud resources. |
| # |
| # |
| # A `Policy` is a collection of `bindings`. A `binding` binds one or more |
| # `members`, or principals, to a single `role`. Principals can be user |
| # accounts, service accounts, Google groups, and domains (such as G Suite). A |
| # `role` is a named list of permissions; each `role` can be an IAM predefined |
| # role or a user-created custom role. |
| # |
| # For some types of Google Cloud resources, a `binding` can also specify a |
| # `condition`, which is a logical expression that allows access to a resource |
| # only if the expression evaluates to `true`. A condition can add constraints |
| # based on attributes of the request, the resource, or both. To learn which |
| # resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # |
| # **JSON example:** |
| # |
| # ``` |
| # { |
| # "bindings": [ |
| # { |
| # "role": "roles/resourcemanager.organizationAdmin", |
| # "members": [ |
| # "user:[email protected]", |
| # "group:[email protected]", |
| # "domain:google.com", |
| # "serviceAccount:[email protected]" |
| # ] |
| # }, |
| # { |
| # "role": "roles/resourcemanager.organizationViewer", |
| # "members": [ |
| # "user:[email protected]" |
| # ], |
| # "condition": { |
| # "title": "expirable access", |
| # "description": "Does not grant access after Sep 2020", |
| # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", |
| # } |
| # } |
| # ], |
| # "etag": "BwWWja0YfJA=", |
| # "version": 3 |
| # } |
| # ``` |
| # |
| # **YAML example:** |
| # |
| # ``` |
| # bindings: |
| # - members: |
| # - user:[email protected] |
| # - group:[email protected] |
| # - domain:google.com |
| # - serviceAccount:[email protected] |
| # role: roles/resourcemanager.organizationAdmin |
| # - members: |
| # - user:[email protected] |
| # role: roles/resourcemanager.organizationViewer |
| # condition: |
| # title: expirable access |
| # description: Does not grant access after Sep 2020 |
| # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') |
| # etag: BwWWja0YfJA= |
| # version: 3 |
| # ``` |
| # |
| # For a description of IAM and its features, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/). |
| "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. |
| { # Specifies the audit configuration for a service. |
| # The configuration determines which permission types are logged, and what |
| # identities, if any, are exempted from logging. |
| # An AuditConfig must have one or more AuditLogConfigs. |
| # |
| # If there are AuditConfigs for both `allServices` and a specific service, |
| # the union of the two AuditConfigs is used for that service: the log_types |
| # specified in each AuditConfig are enabled, and the exempted_members in each |
| # AuditLogConfig are exempted. |
| # |
| # Example Policy with multiple AuditConfigs: |
| # |
| # { |
| # "audit_configs": [ |
| # { |
| # "service": "allServices", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # }, |
| # { |
| # "log_type": "ADMIN_READ" |
| # } |
| # ] |
| # }, |
| # { |
| # "service": "sampleservice.googleapis.com", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ" |
| # }, |
| # { |
| # "log_type": "DATA_WRITE", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # } |
| # ] |
| # } |
| # ] |
| # } |
| # |
| # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ |
| # logging. It also exempts `[email protected]` from DATA_READ logging, and |
| # `[email protected]` from DATA_WRITE logging. |
| "auditLogConfigs": [ # The configuration for logging of each type of permission. |
| { # Provides the configuration for logging a type of permissions. |
| # Example: |
| # |
| # { |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # } |
| # ] |
| # } |
| # |
| # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting |
| # [email protected] from DATA_READ logging. |
| "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of |
| # permission. |
| # Follows the same format of Binding.members. |
| "A String", |
| ], |
| "logType": "A String", # The log type that this config enables. |
| }, |
| ], |
| "service": "A String", # Specifies a service that will be enabled for audit logging. |
| # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. |
| # `allServices` is a special value that covers all services. |
| }, |
| ], |
| "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, |
| # may specify a `condition` that determines how and when the `bindings` are |
| # applied. Each of the `bindings` must contain at least one principal. |
| # |
| # The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 |
| # of these principals can be Google groups. Each occurrence of a principal |
| # counts towards these limits. For example, if the `bindings` grant 50 |
| # different roles to `user:[email protected]`, and not to any other |
| # principal, then you can add another 1,450 principals to the `bindings` in |
| # the `Policy`. |
| { # Associates `members`, or principals, with a `role`. |
| "condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding. |
| # |
| # If the condition evaluates to `true`, then this binding applies to the |
| # current request. |
| # |
| # If the condition evaluates to `false`, then this binding does not apply to |
| # the current request. However, a different role binding might grant the same |
| # role to one or more of the principals in this binding. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM |
| # documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| # are documented at https://github.com/google/cel-spec. |
| # |
| # Example (Comparison): |
| # |
| # title: "Summary size limit" |
| # description: "Determines if a summary is less than 100 chars" |
| # expression: "document.summary.size() < 100" |
| # |
| # Example (Equality): |
| # |
| # title: "Requestor is owner" |
| # description: "Determines if requestor is the document owner" |
| # expression: "document.owner == request.auth.claims.email" |
| # |
| # Example (Logic): |
| # |
| # title: "Public documents" |
| # description: "Determine whether the document should be publicly visible" |
| # expression: "document.type != 'private' && document.type != 'internal'" |
| # |
| # Example (Data Manipulation): |
| # |
| # title: "Notification string" |
| # description: "Create a notification string with a timestamp." |
| # expression: "'New message received at ' + string(document.create_time)" |
| # |
| # The exact variables and functions that may be referenced within an expression |
| # are determined by the service that evaluates it. See the service |
| # documentation for additional information. |
| "description": "A String", # Optional. Description of the expression. This is a longer text which |
| # describes the expression, e.g. when hovered over it in a UI. |
| "expression": "A String", # Textual representation of an expression in Common Expression Language |
| # syntax. |
| "location": "A String", # Optional. String indicating the location of the expression for error |
| # reporting, e.g. a file name and a position in the file. |
| "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| # its purpose. This can be used e.g. in UIs which allow to enter the |
| # expression. |
| }, |
| "members": [ # Specifies the principals requesting access for a Google Cloud resource. |
| # `members` can have the following values: |
| # |
| # * `allUsers`: A special identifier that represents anyone who is |
| # on the internet; with or without a Google account. |
| # |
| # * `allAuthenticatedUsers`: A special identifier that represents anyone |
| # who is authenticated with a Google account or a service account. |
| # Does not include identities that come from external identity providers |
| # (IdPs) through identity federation. |
| # |
| # * `user:{emailid}`: An email address that represents a specific Google |
| # account. For example, `[email protected]` . |
| # |
| # |
| # * `serviceAccount:{emailid}`: An email address that represents a Google |
| # service account. For example, |
| # `[email protected]`. |
| # |
| # * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An |
| # identifier for a |
| # [Kubernetes service |
| # account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). |
| # For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. |
| # |
| # * `group:{emailid}`: An email address that represents a Google group. |
| # For example, `[email protected]`. |
| # |
| # |
| # * `domain:{domain}`: The G Suite domain (primary) that represents all the |
| # users of that domain. For example, `google.com` or `example.com`. |
| # |
| # |
| # |
| # |
| # * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workforce identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: |
| # All workforce identities in a group. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All workforce identities with a specific attribute value. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: |
| # All identities in a workforce identity pool. |
| # |
| # * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workload identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: |
| # A workload identity pool group. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All identities in a workload identity pool with a certain attribute. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: |
| # All identities in a workload identity pool. |
| # |
| # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a user that has been recently deleted. For |
| # example, `[email protected]?uid=123456789012345678901`. If the user is |
| # recovered, this value reverts to `user:{emailid}` and the recovered user |
| # retains the role in the binding. |
| # |
| # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| # unique identifier) representing a service account that has been recently |
| # deleted. For example, |
| # `[email protected]?uid=123456789012345678901`. |
| # If the service account is undeleted, this value reverts to |
| # `serviceAccount:{emailid}` and the undeleted service account retains the |
| # role in the binding. |
| # |
| # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a Google group that has been recently |
| # deleted. For example, `[email protected]?uid=123456789012345678901`. If |
| # the group is recovered, this value reverts to `group:{emailid}` and the |
| # recovered group retains the role in the binding. |
| # |
| # * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # Deleted single identity in a workforce identity pool. For example, |
| # `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. |
| "A String", |
| ], |
| "role": "A String", # Role that is assigned to the list of `members`, or principals. |
| # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. |
| # |
| # For an overview of the IAM roles and permissions, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For |
| # a list of the available pre-defined roles, see |
| # [here](https://cloud.google.com/iam/docs/understanding-roles). |
| }, |
| ], |
| "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help |
| # prevent simultaneous updates of a policy from overwriting each other. |
| # It is strongly suggested that systems make use of the `etag` in the |
| # read-modify-write cycle to perform policy updates in order to avoid race |
| # conditions: An `etag` is returned in the response to `getIamPolicy`, and |
| # systems are expected to put that etag in the request to `setIamPolicy` to |
| # ensure that their change will be applied to the same version of the policy. |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| "version": 42, # Specifies the format of the policy. |
| # |
| # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value |
| # are rejected. |
| # |
| # Any operation that affects conditional role bindings must specify version |
| # `3`. This requirement applies to the following operations: |
| # |
| # * Getting a policy that includes a conditional role binding |
| # * Adding a conditional role binding to a policy |
| # * Changing a conditional role binding in a policy |
| # * Removing any role binding, with or without a condition, from a policy |
| # that includes conditions |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| # |
| # If a policy does not include any conditions, operations on that policy may |
| # specify any valid version or leave the field unset. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="insert">insert(project, body=None, requestId=None, x__xgafv=None)</code> |
| <pre>Create a License resource in the specified project. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Represents a License resource. |
| # |
| # A License represents billing and aggregate usage data forpublic andmarketplace images. |
| # *Caution* This resource is intended for |
| # use only by third-party partners who are creatingCloud Marketplace |
| # images. |
| "allowedReplacementLicenses": [ # Specifies licenseCodes of licenses that can replace this license. Note: |
| # such replacements are allowed even if removable_from_disk is false. |
| "A String", |
| ], |
| "appendableToDisk": True or False, # If true, this license can be appended to an existing disk's set of |
| # licenses. |
| "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license |
| # charges a usage fee. |
| "creationTimestamp": "A String", # [Output Only] Creation timestamp inRFC3339 |
| # text format. |
| "description": "A String", # An optional textual description of the resource; provided by the client |
| # when the resource is created. |
| "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is |
| # defined by the server. |
| "incompatibleLicenses": [ # Specifies licenseCodes of licenses that are incompatible with this license. |
| # If a license is incompatible with this license, it cannot be attached to |
| # the same disk or image. |
| "A String", |
| ], |
| "kind": "compute#license", # [Output Only] Type of resource. Always compute#license for |
| # licenses. |
| "licenseCode": "A String", # [Output Only] The unique code used to attach this license to images, |
| # snapshots, and disks. |
| "minimumRetention": { # A Duration represents a fixed-length span of time represented # If set, this license will be unable to be removed or replaced once attached |
| # to a disk until the minimum_retention period has passed. |
| # as a count of seconds and fractions of seconds at nanosecond |
| # resolution. It is independent of any calendar and concepts like "day" |
| # or "month". Range is approximately 10,000 years. |
| "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. |
| # Durations less than one second are represented with a 0 |
| # `seconds` field and a positive `nanos` field. Must be from 0 |
| # to 999,999,999 inclusive. |
| "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 |
| # to 315,576,000,000 inclusive. Note: these bounds are computed from: |
| # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years |
| }, |
| "multiTenantOnly": True or False, # If true, this license can only be used on VMs on multi tenant nodes. |
| "name": "A String", # Name of the resource. The name must be 1-63 characters long and |
| # comply withRFC1035. |
| "osLicense": True or False, # If true, indicates this is an OS license. Only one OS license can be |
| # attached to a disk or image at a time. |
| "removableFromDisk": True or False, # If true, this license can be removed from a disk's set of licenses, with no |
| # replacement license needed. |
| "requiredCoattachedLicenses": [ # Specifies the set of permissible coattached licenseCodes of licenses that |
| # satisfy the coattachment requirement of this license. At least one license |
| # from the set must be attached to the same disk or image as this license. |
| "A String", |
| ], |
| "resourceRequirements": { # [Input Only] Deprecated. |
| "minGuestCpuCount": 42, # [Input Only] Deprecated. This field no longer reflects the minimum number |
| # of guest cpus required to use the Instance. |
| "minMemoryMb": 42, # [Input Only] Deprecated. This field no longer reflects the minimum memory |
| # required to use the Instance. |
| }, |
| "selfLink": "A String", # [Output Only] Server-defined URL for the resource. |
| "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. |
| "soleTenantOnly": True or False, # If true, this license can only be used on VMs on sole tenant nodes. |
| "transferable": True or False, # If false, licenses will not be copied from the source resource when |
| # creating an image from a disk, disk from snapshot, or snapshot from disk. |
| "updateTimestamp": "A String", # [Output Only] Last update timestamp inRFC3339 |
| # text format. |
| } |
| |
| requestId: string, An optional request ID to identify requests. Specify a unique request ID so |
| that if you must retry your request, the server will know to ignore the |
| request if it has already been completed. |
| |
| For example, consider a situation where you make an initial request and |
| the request times out. If you make the request again with the same |
| request ID, the server can check if original operation with the same |
| request ID was received, and if so, will ignore the second request. This |
| prevents clients from accidentally creating duplicate commitments. |
| |
| The request ID must be |
| a valid UUID with the exception that zero UUID is not supported |
| (00000000-0000-0000-0000-000000000000). |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Represents an Operation resource. |
| # |
| # Google Compute Engine has three Operation resources: |
| # |
| # * [Global](/compute/docs/reference/rest/alpha/globalOperations) |
| # * [Regional](/compute/docs/reference/rest/alpha/regionOperations) |
| # * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) |
| # |
| # You can use an operation resource to manage asynchronous API requests. |
| # For more information, readHandling |
| # API responses. |
| # |
| # Operations can be global, regional or zonal. |
| # |
| # - For global operations, use the `globalOperations` |
| # resource. |
| # - For regional operations, use the |
| # `regionOperations` resource. |
| # - For zonal operations, use |
| # the `zoneOperations` resource. |
| # |
| # |
| # |
| # For more information, read |
| # Global, Regional, and Zonal Resources. |
| # |
| # Note that completed Operation resources have a limited |
| # retention period. |
| "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. |
| # Not present otherwise. |
| "creationTimestamp": "A String", # [Deprecated] This field is deprecated. |
| "description": "A String", # [Output Only] A textual description of the operation, which is |
| # set when the operation is created. |
| "endTime": "A String", # [Output Only] The time that this operation was completed. This value is inRFC3339 |
| # text format. |
| "error": { # [Output Only] If errors are generated during processing of the operation, |
| # this field will be populated. |
| "errors": [ # [Output Only] The array of errors encountered while processing this |
| # operation. |
| { |
| "code": "A String", # [Output Only] The error type identifier for this error. |
| "errorDetails": [ # [Output Only] An optional list of messages that contain the error |
| # details. There is a set of defined message types to use for providing |
| # details.The syntax depends on the error code. For example, |
| # QuotaExceededInfo will have details when the error code is |
| # QUOTA_EXCEEDED. |
| { |
| "errorInfo": { # Describes the cause of the error with structured details. |
| # |
| # Example of an error when contacting the "pubsub.googleapis.com" API when it |
| # is not enabled: |
| # |
| # { "reason": "API_DISABLED" |
| # "domain": "googleapis.com" |
| # "metadata": { |
| # "resource": "projects/123", |
| # "service": "pubsub.googleapis.com" |
| # } |
| # } |
| # |
| # This response indicates that the pubsub.googleapis.com API is not enabled. |
| # |
| # Example of an error that is returned when attempting to create a Spanner |
| # instance in a region that is out of stock: |
| # |
| # { "reason": "STOCKOUT" |
| # "domain": "spanner.googleapis.com", |
| # "metadata": { |
| # "availableRegions": "us-central1,us-east2" |
| # } |
| # } |
| "domain": "A String", # The logical grouping to which the "reason" belongs. The error domain |
| # is typically the registered service name of the tool or product that |
| # generates the error. Example: "pubsub.googleapis.com". If the error is |
| # generated by some common infrastructure, the error domain must be a |
| # globally unique value that identifies the infrastructure. For Google API |
| # infrastructure, the error domain is "googleapis.com". |
| "metadatas": { # Additional structured details about this error. |
| # |
| # Keys must match a regular expression of `a-z+` but should |
| # ideally be lowerCamelCase. Also, they must be limited to 64 characters in |
| # length. When identifying the current value of an exceeded limit, the units |
| # should be contained in the key, not the value. For example, rather than |
| # `{"instanceLimit": "100/request"}`, should be returned as, |
| # `{"instanceLimitPerRequest": "100"}`, if the client exceeds the number of |
| # instances that can be created in a single (batch) request. |
| "a_key": "A String", |
| }, |
| "reason": "A String", # The reason of the error. This is a constant value that identifies the |
| # proximate cause of the error. Error reasons are unique within a particular |
| # domain of errors. This should be at most 63 characters and match a |
| # regular expression of `A-Z+[A-Z0-9]`, which represents |
| # UPPER_SNAKE_CASE. |
| }, |
| "help": { # Provides links to documentation or for performing an out of band action. |
| # |
| # For example, if a quota check failed with an error indicating the calling |
| # project hasn't enabled the accessed service, this can contain a URL pointing |
| # directly to the right place in the developer console to flip the bit. |
| "links": [ # URL(s) pointing to additional information on handling the current error. |
| { # Describes a URL link. |
| "description": "A String", # Describes what the link offers. |
| "url": "A String", # The URL of the link. |
| }, |
| ], |
| }, |
| "localizedMessage": { # Provides a localized error message that is safe to return to the user |
| # which can be attached to an RPC error. |
| "locale": "A String", # The locale used following the specification defined at |
| # https://www.rfc-editor.org/rfc/bcp/bcp47.txt. |
| # Examples are: "en-US", "fr-CH", "es-MX" |
| "message": "A String", # The localized error message in the above locale. |
| }, |
| "quotaInfo": { # Additional details for quota exceeded error for resource quota. |
| "dimensions": { # The map holding related quota dimensions. |
| "a_key": "A String", |
| }, |
| "futureLimit": 3.14, # Future quota limit being rolled out. The limit's unit depends on the quota |
| # type or metric. |
| "limit": 3.14, # Current effective quota limit. The limit's unit depends on the quota type |
| # or metric. |
| "limitName": "A String", # The name of the quota limit. |
| "metricName": "A String", # The Compute Engine quota metric name. |
| "rolloutStatus": "A String", # Rollout status of the future quota limit. |
| }, |
| }, |
| ], |
| "location": "A String", # [Output Only] Indicates the field in the request that caused the error. |
| # This property is optional. |
| "message": "A String", # [Output Only] An optional, human-readable error message. |
| }, |
| ], |
| }, |
| "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error |
| # message that was returned, such as `NOT FOUND`. |
| "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error |
| # status code that was returned. For example, a `404` means the |
| # resource was not found. |
| "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is |
| # defined by the server. |
| "insertTime": "A String", # [Output Only] The time that this operation was requested. |
| # This value is inRFC3339 |
| # text format. |
| "instancesBulkInsertOperationMetadata": { |
| "perLocationStatus": { # Status information per location (location name is key). |
| # Example key: zones/us-central1-a |
| "a_key": { |
| "createdVmCount": 42, # [Output Only] Count of VMs successfully created so far. |
| "deletedVmCount": 42, # [Output Only] Count of VMs that got deleted during rollback. |
| "failedToCreateVmCount": 42, # [Output Only] Count of VMs that started creating but encountered an |
| # error. |
| "status": "A String", # [Output Only] Creation status of BulkInsert operation - information |
| # if the flow is rolling forward or rolling back. |
| "targetVmCount": 42, # [Output Only] Count of VMs originally planned to be created. |
| }, |
| }, |
| }, |
| "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for |
| # Operation resources. |
| "name": "A String", # [Output Only] Name of the operation. |
| "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a |
| # group of operations results from a `bulkInsert` API request. |
| "operationType": "A String", # [Output Only] The type of operation, such as `insert`, |
| # `update`, or `delete`, and so on. |
| "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. |
| # There is no requirement that this be linear or support any granularity of |
| # operations. This should not be used to guess when the operation will be |
| # complete. This number should monotonically increase as the operation |
| # progresses. |
| "region": "A String", # [Output Only] The URL of the region where the operation resides. Only |
| # applicable when performing regional operations. |
| "selfLink": "A String", # [Output Only] Server-defined URL for the resource. |
| "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. |
| "setCommonInstanceMetadataOperationMetadata": { # [Output Only] If the operation is for projects.setCommonInstanceMetadata, |
| # this field will contain information on all underlying zonal actions and |
| # their state. |
| "clientOperationId": "A String", # [Output Only] The client operation id. |
| "perLocationOperations": { # [Output Only] Status information per location (location name is key). |
| # Example key: zones/us-central1-a |
| "a_key": { |
| "error": { # The `Status` type defines a logical error model that is suitable for # [Output Only] If state is `ABANDONED` or `FAILED`, this field is |
| # populated. |
| # different programming environments, including REST APIs and RPC APIs. It is |
| # used by [gRPC](https://github.com/grpc). Each `Status` message contains |
| # three pieces of data: error code, error message, and error details. |
| # |
| # You can find out more about this error model and how to work with it in the |
| # [API Design Guide](https://cloud.google.com/apis/design/errors). |
| "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| "details": [ # A list of messages that carry the error details. There is a common set of |
| # message types for APIs to use. |
| { |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| ], |
| "message": "A String", # A developer-facing error message, which should be in English. Any |
| # user-facing error message should be localized and sent in the |
| # google.rpc.Status.details field, or localized by the client. |
| }, |
| "state": "A String", # [Output Only] Status of the action, which can be one of the following: |
| # `PROPAGATING`, `PROPAGATED`, `ABANDONED`, `FAILED`, or `DONE`. |
| }, |
| }, |
| }, |
| "startTime": "A String", # [Output Only] The time that this operation was started by the server. |
| # This value is inRFC3339 |
| # text format. |
| "status": "A String", # [Output Only] The status of the operation, which can be one of the |
| # following: |
| # `PENDING`, `RUNNING`, or `DONE`. |
| "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the |
| # operation. |
| "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation |
| # of the target resource. |
| "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For |
| # operations related to creating a snapshot, this points to the disk |
| # that the snapshot was created from. |
| "user": "A String", # [Output Only] User who requested the operation, for example: |
| # `[email protected]` or |
| # `alice_smith_identifier (global/workforcePools/example-com-us-employees)`. |
| "warnings": [ # [Output Only] If warning messages are generated during processing of the |
| # operation, this field will be populated. |
| { |
| "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute |
| # Engine returns NO_RESULTS_ON_PAGE if there |
| # are no results in the response. |
| "data": [ # [Output Only] Metadata about this warning in key: |
| # value format. For example: |
| # |
| # "data": [ |
| # { |
| # "key": "scope", |
| # "value": "zones/us-east1-d" |
| # } |
| { |
| "key": "A String", # [Output Only] A key that provides more detail on the warning being |
| # returned. For example, for warnings where there are no results in a list |
| # request for a particular zone, this key might be scope and |
| # the key value might be the zone name. Other examples might be a key |
| # indicating a deprecated resource and a suggested replacement, or a |
| # warning about invalid network settings (for example, if an instance |
| # attempts to perform IP forwarding but is not enabled for IP forwarding). |
| "value": "A String", # [Output Only] A warning data value corresponding to the key. |
| }, |
| ], |
| "message": "A String", # [Output Only] A human-readable description of the warning code. |
| }, |
| ], |
| "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only |
| # applicable when performing per-zone operations. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="list">list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)</code> |
| <pre>Retrieves the list of licenses |
| available in the specified project. This method does not |
| get any licenses that belong to other projects, including licenses attached |
| to publicly-available images, like Debian 9. If you want to get a list of |
| publicly-available licenses, use this method to make a request to the |
| respective image project, such as debian-cloud orwindows-cloud. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| filter: string, A filter expression that filters resources listed in the response. Most |
| Compute resources support two types of filter expressions: |
| expressions that support regular expressions and expressions that follow |
| API improvement proposal AIP-160. |
| These two types of filter expressions cannot be mixed in one request. |
| |
| If you want to use AIP-160, your expression must specify the field name, an |
| operator, and the value that you want to use for filtering. The value |
| must be a string, a number, or a boolean. The operator |
| must be either `=`, `!=`, `>`, `<`, `<=`, `>=` or `:`. |
| |
| For example, if you are filtering Compute Engine instances, you can |
| exclude instances named `example-instance` by specifying |
| `name != example-instance`. |
| |
| The `:*` comparison can be used to test whether a key has been defined. |
| For example, to find all objects with `owner` label use: |
| ``` |
| labels.owner:* |
| ``` |
| |
| You can also filter nested fields. For example, you could specify |
| `scheduling.automaticRestart = false` to include instances only |
| if they are not scheduled for automatic restarts. You can use filtering |
| on nested fields to filter based onresource labels. |
| |
| To filter on multiple expressions, provide each separate expression within |
| parentheses. For example: |
| ``` |
| (scheduling.automaticRestart = true) |
| (cpuPlatform = "Intel Skylake") |
| ``` |
| By default, each expression is an `AND` expression. However, you |
| can include `AND` and `OR` expressions explicitly. |
| For example: |
| ``` |
| (cpuPlatform = "Intel Skylake") OR |
| (cpuPlatform = "Intel Broadwell") AND |
| (scheduling.automaticRestart = true) |
| ``` |
| |
| If you want to use a regular expression, use the `eq` (equal) or `ne` |
| (not equal) operator against a single un-parenthesized expression with or |
| without quotes or against multiple parenthesized expressions. Examples: |
| |
| `fieldname eq unquoted literal` |
| `fieldname eq 'single quoted literal'` |
| `fieldname eq "double quoted literal"` |
| `(fieldname1 eq literal) (fieldname2 ne "literal")` |
| |
| The literal value is interpreted as a regular expression using GoogleRE2 library syntax. |
| The literal value must match the entire field. |
| |
| For example, to filter for instances that do not end with name "instance", |
| you would use `name ne .*instance`. |
| |
| You cannot combine constraints on multiple fields using regular |
| expressions. |
| maxResults: integer, The maximum number of results per page that should be returned. |
| If the number of available results is larger than `maxResults`, |
| Compute Engine returns a `nextPageToken` that can be used to get |
| the next page of results in subsequent list requests. Acceptable values are |
| `0` to `500`, inclusive. (Default: `500`) |
| orderBy: string, Sorts list results by a certain order. By default, results |
| are returned in alphanumerical order based on the resource name. |
| |
| You can also sort results in descending order based on the creation |
| timestamp using `orderBy="creationTimestamp desc"`. This sorts |
| results based on the `creationTimestamp` field in |
| reverse chronological order (newest result first). Use this to sort |
| resources like operations so that the newest operation is returned first. |
| |
| Currently, only sorting by `name` or |
| `creationTimestamp desc` is supported. |
| pageToken: string, Specifies a page token to use. Set `pageToken` to the |
| `nextPageToken` returned by a previous list request to get |
| the next page of results. |
| returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case |
| of failure. The default value is false. |
| |
| For example, when partial success behavior is enabled, aggregatedList for a |
| single zone scope either returns all resources in the zone or no resources, |
| with an error code. |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { |
| "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server. |
| "items": [ # A list of License resources. |
| { # Represents a License resource. |
| # |
| # A License represents billing and aggregate usage data forpublic andmarketplace images. |
| # *Caution* This resource is intended for |
| # use only by third-party partners who are creatingCloud Marketplace |
| # images. |
| "allowedReplacementLicenses": [ # Specifies licenseCodes of licenses that can replace this license. Note: |
| # such replacements are allowed even if removable_from_disk is false. |
| "A String", |
| ], |
| "appendableToDisk": True or False, # If true, this license can be appended to an existing disk's set of |
| # licenses. |
| "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license |
| # charges a usage fee. |
| "creationTimestamp": "A String", # [Output Only] Creation timestamp inRFC3339 |
| # text format. |
| "description": "A String", # An optional textual description of the resource; provided by the client |
| # when the resource is created. |
| "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is |
| # defined by the server. |
| "incompatibleLicenses": [ # Specifies licenseCodes of licenses that are incompatible with this license. |
| # If a license is incompatible with this license, it cannot be attached to |
| # the same disk or image. |
| "A String", |
| ], |
| "kind": "compute#license", # [Output Only] Type of resource. Always compute#license for |
| # licenses. |
| "licenseCode": "A String", # [Output Only] The unique code used to attach this license to images, |
| # snapshots, and disks. |
| "minimumRetention": { # A Duration represents a fixed-length span of time represented # If set, this license will be unable to be removed or replaced once attached |
| # to a disk until the minimum_retention period has passed. |
| # as a count of seconds and fractions of seconds at nanosecond |
| # resolution. It is independent of any calendar and concepts like "day" |
| # or "month". Range is approximately 10,000 years. |
| "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. |
| # Durations less than one second are represented with a 0 |
| # `seconds` field and a positive `nanos` field. Must be from 0 |
| # to 999,999,999 inclusive. |
| "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 |
| # to 315,576,000,000 inclusive. Note: these bounds are computed from: |
| # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years |
| }, |
| "multiTenantOnly": True or False, # If true, this license can only be used on VMs on multi tenant nodes. |
| "name": "A String", # Name of the resource. The name must be 1-63 characters long and |
| # comply withRFC1035. |
| "osLicense": True or False, # If true, indicates this is an OS license. Only one OS license can be |
| # attached to a disk or image at a time. |
| "removableFromDisk": True or False, # If true, this license can be removed from a disk's set of licenses, with no |
| # replacement license needed. |
| "requiredCoattachedLicenses": [ # Specifies the set of permissible coattached licenseCodes of licenses that |
| # satisfy the coattachment requirement of this license. At least one license |
| # from the set must be attached to the same disk or image as this license. |
| "A String", |
| ], |
| "resourceRequirements": { # [Input Only] Deprecated. |
| "minGuestCpuCount": 42, # [Input Only] Deprecated. This field no longer reflects the minimum number |
| # of guest cpus required to use the Instance. |
| "minMemoryMb": 42, # [Input Only] Deprecated. This field no longer reflects the minimum memory |
| # required to use the Instance. |
| }, |
| "selfLink": "A String", # [Output Only] Server-defined URL for the resource. |
| "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. |
| "soleTenantOnly": True or False, # If true, this license can only be used on VMs on sole tenant nodes. |
| "transferable": True or False, # If false, licenses will not be copied from the source resource when |
| # creating an image from a disk, disk from snapshot, or snapshot from disk. |
| "updateTimestamp": "A String", # [Output Only] Last update timestamp inRFC3339 |
| # text format. |
| }, |
| ], |
| "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for |
| # list requests. If the number of results is larger thanmaxResults, use the nextPageToken as a value for |
| # the query parameter pageToken in the next list request. |
| # Subsequent list requests will have their own nextPageToken to |
| # continue paging through the results. |
| "selfLink": "A String", # [Output Only] Server-defined URL for this resource. |
| "warning": { # [Output Only] Informational warning message. |
| "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute |
| # Engine returns NO_RESULTS_ON_PAGE if there |
| # are no results in the response. |
| "data": [ # [Output Only] Metadata about this warning in key: |
| # value format. For example: |
| # |
| # "data": [ |
| # { |
| # "key": "scope", |
| # "value": "zones/us-east1-d" |
| # } |
| { |
| "key": "A String", # [Output Only] A key that provides more detail on the warning being |
| # returned. For example, for warnings where there are no results in a list |
| # request for a particular zone, this key might be scope and |
| # the key value might be the zone name. Other examples might be a key |
| # indicating a deprecated resource and a suggested replacement, or a |
| # warning about invalid network settings (for example, if an instance |
| # attempts to perform IP forwarding but is not enabled for IP forwarding). |
| "value": "A String", # [Output Only] A warning data value corresponding to the key. |
| }, |
| ], |
| "message": "A String", # [Output Only] A human-readable description of the warning code. |
| }, |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="list_next">list_next()</code> |
| <pre>Retrieves the next page of results. |
| |
| Args: |
| previous_request: The request for the previous page. (required) |
| previous_response: The response from the request for the previous page. (required) |
| |
| Returns: |
| A request object that you can call 'execute()' on to request the next |
| page. Returns None if there are no more items in the collection. |
| </pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="setIamPolicy">setIamPolicy(project, resource, body=None, x__xgafv=None)</code> |
| <pre>Sets the access control policy on the specified resource. |
| Replaces any existing policy. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| resource: string, Name or id of the resource for this request. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { |
| "bindings": [ # Flatten Policy to create a backward compatible wire-format. |
| # Deprecated. Use 'policy' to specify bindings. |
| { # Associates `members`, or principals, with a `role`. |
| "condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding. |
| # |
| # If the condition evaluates to `true`, then this binding applies to the |
| # current request. |
| # |
| # If the condition evaluates to `false`, then this binding does not apply to |
| # the current request. However, a different role binding might grant the same |
| # role to one or more of the principals in this binding. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM |
| # documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| # are documented at https://github.com/google/cel-spec. |
| # |
| # Example (Comparison): |
| # |
| # title: "Summary size limit" |
| # description: "Determines if a summary is less than 100 chars" |
| # expression: "document.summary.size() < 100" |
| # |
| # Example (Equality): |
| # |
| # title: "Requestor is owner" |
| # description: "Determines if requestor is the document owner" |
| # expression: "document.owner == request.auth.claims.email" |
| # |
| # Example (Logic): |
| # |
| # title: "Public documents" |
| # description: "Determine whether the document should be publicly visible" |
| # expression: "document.type != 'private' && document.type != 'internal'" |
| # |
| # Example (Data Manipulation): |
| # |
| # title: "Notification string" |
| # description: "Create a notification string with a timestamp." |
| # expression: "'New message received at ' + string(document.create_time)" |
| # |
| # The exact variables and functions that may be referenced within an expression |
| # are determined by the service that evaluates it. See the service |
| # documentation for additional information. |
| "description": "A String", # Optional. Description of the expression. This is a longer text which |
| # describes the expression, e.g. when hovered over it in a UI. |
| "expression": "A String", # Textual representation of an expression in Common Expression Language |
| # syntax. |
| "location": "A String", # Optional. String indicating the location of the expression for error |
| # reporting, e.g. a file name and a position in the file. |
| "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| # its purpose. This can be used e.g. in UIs which allow to enter the |
| # expression. |
| }, |
| "members": [ # Specifies the principals requesting access for a Google Cloud resource. |
| # `members` can have the following values: |
| # |
| # * `allUsers`: A special identifier that represents anyone who is |
| # on the internet; with or without a Google account. |
| # |
| # * `allAuthenticatedUsers`: A special identifier that represents anyone |
| # who is authenticated with a Google account or a service account. |
| # Does not include identities that come from external identity providers |
| # (IdPs) through identity federation. |
| # |
| # * `user:{emailid}`: An email address that represents a specific Google |
| # account. For example, `[email protected]` . |
| # |
| # |
| # * `serviceAccount:{emailid}`: An email address that represents a Google |
| # service account. For example, |
| # `[email protected]`. |
| # |
| # * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An |
| # identifier for a |
| # [Kubernetes service |
| # account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). |
| # For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. |
| # |
| # * `group:{emailid}`: An email address that represents a Google group. |
| # For example, `[email protected]`. |
| # |
| # |
| # * `domain:{domain}`: The G Suite domain (primary) that represents all the |
| # users of that domain. For example, `google.com` or `example.com`. |
| # |
| # |
| # |
| # |
| # * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workforce identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: |
| # All workforce identities in a group. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All workforce identities with a specific attribute value. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: |
| # All identities in a workforce identity pool. |
| # |
| # * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workload identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: |
| # A workload identity pool group. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All identities in a workload identity pool with a certain attribute. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: |
| # All identities in a workload identity pool. |
| # |
| # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a user that has been recently deleted. For |
| # example, `[email protected]?uid=123456789012345678901`. If the user is |
| # recovered, this value reverts to `user:{emailid}` and the recovered user |
| # retains the role in the binding. |
| # |
| # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| # unique identifier) representing a service account that has been recently |
| # deleted. For example, |
| # `[email protected]?uid=123456789012345678901`. |
| # If the service account is undeleted, this value reverts to |
| # `serviceAccount:{emailid}` and the undeleted service account retains the |
| # role in the binding. |
| # |
| # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a Google group that has been recently |
| # deleted. For example, `[email protected]?uid=123456789012345678901`. If |
| # the group is recovered, this value reverts to `group:{emailid}` and the |
| # recovered group retains the role in the binding. |
| # |
| # * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # Deleted single identity in a workforce identity pool. For example, |
| # `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. |
| "A String", |
| ], |
| "role": "A String", # Role that is assigned to the list of `members`, or principals. |
| # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. |
| # |
| # For an overview of the IAM roles and permissions, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For |
| # a list of the available pre-defined roles, see |
| # [here](https://cloud.google.com/iam/docs/understanding-roles). |
| }, |
| ], |
| "etag": "A String", # Flatten Policy to create a backward compatible wire-format. |
| # Deprecated. Use 'policy' to specify the etag. |
| "policy": { # An Identity and Access Management (IAM) policy, which specifies access # REQUIRED: The complete policy to be applied to the 'resource'. The size of |
| # the policy is limited to a few 10s of KB. An empty policy is in general a |
| # valid policy but certain services (like Projects) might reject them. |
| # controls for Google Cloud resources. |
| # |
| # |
| # A `Policy` is a collection of `bindings`. A `binding` binds one or more |
| # `members`, or principals, to a single `role`. Principals can be user |
| # accounts, service accounts, Google groups, and domains (such as G Suite). A |
| # `role` is a named list of permissions; each `role` can be an IAM predefined |
| # role or a user-created custom role. |
| # |
| # For some types of Google Cloud resources, a `binding` can also specify a |
| # `condition`, which is a logical expression that allows access to a resource |
| # only if the expression evaluates to `true`. A condition can add constraints |
| # based on attributes of the request, the resource, or both. To learn which |
| # resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # |
| # **JSON example:** |
| # |
| # ``` |
| # { |
| # "bindings": [ |
| # { |
| # "role": "roles/resourcemanager.organizationAdmin", |
| # "members": [ |
| # "user:[email protected]", |
| # "group:[email protected]", |
| # "domain:google.com", |
| # "serviceAccount:[email protected]" |
| # ] |
| # }, |
| # { |
| # "role": "roles/resourcemanager.organizationViewer", |
| # "members": [ |
| # "user:[email protected]" |
| # ], |
| # "condition": { |
| # "title": "expirable access", |
| # "description": "Does not grant access after Sep 2020", |
| # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", |
| # } |
| # } |
| # ], |
| # "etag": "BwWWja0YfJA=", |
| # "version": 3 |
| # } |
| # ``` |
| # |
| # **YAML example:** |
| # |
| # ``` |
| # bindings: |
| # - members: |
| # - user:[email protected] |
| # - group:[email protected] |
| # - domain:google.com |
| # - serviceAccount:[email protected] |
| # role: roles/resourcemanager.organizationAdmin |
| # - members: |
| # - user:[email protected] |
| # role: roles/resourcemanager.organizationViewer |
| # condition: |
| # title: expirable access |
| # description: Does not grant access after Sep 2020 |
| # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') |
| # etag: BwWWja0YfJA= |
| # version: 3 |
| # ``` |
| # |
| # For a description of IAM and its features, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/). |
| "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. |
| { # Specifies the audit configuration for a service. |
| # The configuration determines which permission types are logged, and what |
| # identities, if any, are exempted from logging. |
| # An AuditConfig must have one or more AuditLogConfigs. |
| # |
| # If there are AuditConfigs for both `allServices` and a specific service, |
| # the union of the two AuditConfigs is used for that service: the log_types |
| # specified in each AuditConfig are enabled, and the exempted_members in each |
| # AuditLogConfig are exempted. |
| # |
| # Example Policy with multiple AuditConfigs: |
| # |
| # { |
| # "audit_configs": [ |
| # { |
| # "service": "allServices", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # }, |
| # { |
| # "log_type": "ADMIN_READ" |
| # } |
| # ] |
| # }, |
| # { |
| # "service": "sampleservice.googleapis.com", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ" |
| # }, |
| # { |
| # "log_type": "DATA_WRITE", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # } |
| # ] |
| # } |
| # ] |
| # } |
| # |
| # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ |
| # logging. It also exempts `[email protected]` from DATA_READ logging, and |
| # `[email protected]` from DATA_WRITE logging. |
| "auditLogConfigs": [ # The configuration for logging of each type of permission. |
| { # Provides the configuration for logging a type of permissions. |
| # Example: |
| # |
| # { |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # } |
| # ] |
| # } |
| # |
| # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting |
| # [email protected] from DATA_READ logging. |
| "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of |
| # permission. |
| # Follows the same format of Binding.members. |
| "A String", |
| ], |
| "logType": "A String", # The log type that this config enables. |
| }, |
| ], |
| "service": "A String", # Specifies a service that will be enabled for audit logging. |
| # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. |
| # `allServices` is a special value that covers all services. |
| }, |
| ], |
| "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, |
| # may specify a `condition` that determines how and when the `bindings` are |
| # applied. Each of the `bindings` must contain at least one principal. |
| # |
| # The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 |
| # of these principals can be Google groups. Each occurrence of a principal |
| # counts towards these limits. For example, if the `bindings` grant 50 |
| # different roles to `user:[email protected]`, and not to any other |
| # principal, then you can add another 1,450 principals to the `bindings` in |
| # the `Policy`. |
| { # Associates `members`, or principals, with a `role`. |
| "condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding. |
| # |
| # If the condition evaluates to `true`, then this binding applies to the |
| # current request. |
| # |
| # If the condition evaluates to `false`, then this binding does not apply to |
| # the current request. However, a different role binding might grant the same |
| # role to one or more of the principals in this binding. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM |
| # documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| # are documented at https://github.com/google/cel-spec. |
| # |
| # Example (Comparison): |
| # |
| # title: "Summary size limit" |
| # description: "Determines if a summary is less than 100 chars" |
| # expression: "document.summary.size() < 100" |
| # |
| # Example (Equality): |
| # |
| # title: "Requestor is owner" |
| # description: "Determines if requestor is the document owner" |
| # expression: "document.owner == request.auth.claims.email" |
| # |
| # Example (Logic): |
| # |
| # title: "Public documents" |
| # description: "Determine whether the document should be publicly visible" |
| # expression: "document.type != 'private' && document.type != 'internal'" |
| # |
| # Example (Data Manipulation): |
| # |
| # title: "Notification string" |
| # description: "Create a notification string with a timestamp." |
| # expression: "'New message received at ' + string(document.create_time)" |
| # |
| # The exact variables and functions that may be referenced within an expression |
| # are determined by the service that evaluates it. See the service |
| # documentation for additional information. |
| "description": "A String", # Optional. Description of the expression. This is a longer text which |
| # describes the expression, e.g. when hovered over it in a UI. |
| "expression": "A String", # Textual representation of an expression in Common Expression Language |
| # syntax. |
| "location": "A String", # Optional. String indicating the location of the expression for error |
| # reporting, e.g. a file name and a position in the file. |
| "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| # its purpose. This can be used e.g. in UIs which allow to enter the |
| # expression. |
| }, |
| "members": [ # Specifies the principals requesting access for a Google Cloud resource. |
| # `members` can have the following values: |
| # |
| # * `allUsers`: A special identifier that represents anyone who is |
| # on the internet; with or without a Google account. |
| # |
| # * `allAuthenticatedUsers`: A special identifier that represents anyone |
| # who is authenticated with a Google account or a service account. |
| # Does not include identities that come from external identity providers |
| # (IdPs) through identity federation. |
| # |
| # * `user:{emailid}`: An email address that represents a specific Google |
| # account. For example, `[email protected]` . |
| # |
| # |
| # * `serviceAccount:{emailid}`: An email address that represents a Google |
| # service account. For example, |
| # `[email protected]`. |
| # |
| # * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An |
| # identifier for a |
| # [Kubernetes service |
| # account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). |
| # For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. |
| # |
| # * `group:{emailid}`: An email address that represents a Google group. |
| # For example, `[email protected]`. |
| # |
| # |
| # * `domain:{domain}`: The G Suite domain (primary) that represents all the |
| # users of that domain. For example, `google.com` or `example.com`. |
| # |
| # |
| # |
| # |
| # * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workforce identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: |
| # All workforce identities in a group. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All workforce identities with a specific attribute value. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: |
| # All identities in a workforce identity pool. |
| # |
| # * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workload identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: |
| # A workload identity pool group. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All identities in a workload identity pool with a certain attribute. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: |
| # All identities in a workload identity pool. |
| # |
| # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a user that has been recently deleted. For |
| # example, `[email protected]?uid=123456789012345678901`. If the user is |
| # recovered, this value reverts to `user:{emailid}` and the recovered user |
| # retains the role in the binding. |
| # |
| # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| # unique identifier) representing a service account that has been recently |
| # deleted. For example, |
| # `[email protected]?uid=123456789012345678901`. |
| # If the service account is undeleted, this value reverts to |
| # `serviceAccount:{emailid}` and the undeleted service account retains the |
| # role in the binding. |
| # |
| # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a Google group that has been recently |
| # deleted. For example, `[email protected]?uid=123456789012345678901`. If |
| # the group is recovered, this value reverts to `group:{emailid}` and the |
| # recovered group retains the role in the binding. |
| # |
| # * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # Deleted single identity in a workforce identity pool. For example, |
| # `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. |
| "A String", |
| ], |
| "role": "A String", # Role that is assigned to the list of `members`, or principals. |
| # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. |
| # |
| # For an overview of the IAM roles and permissions, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For |
| # a list of the available pre-defined roles, see |
| # [here](https://cloud.google.com/iam/docs/understanding-roles). |
| }, |
| ], |
| "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help |
| # prevent simultaneous updates of a policy from overwriting each other. |
| # It is strongly suggested that systems make use of the `etag` in the |
| # read-modify-write cycle to perform policy updates in order to avoid race |
| # conditions: An `etag` is returned in the response to `getIamPolicy`, and |
| # systems are expected to put that etag in the request to `setIamPolicy` to |
| # ensure that their change will be applied to the same version of the policy. |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| "version": 42, # Specifies the format of the policy. |
| # |
| # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value |
| # are rejected. |
| # |
| # Any operation that affects conditional role bindings must specify version |
| # `3`. This requirement applies to the following operations: |
| # |
| # * Getting a policy that includes a conditional role binding |
| # * Adding a conditional role binding to a policy |
| # * Changing a conditional role binding in a policy |
| # * Removing any role binding, with or without a condition, from a policy |
| # that includes conditions |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| # |
| # If a policy does not include any conditions, operations on that policy may |
| # specify any valid version or leave the field unset. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| }, |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # An Identity and Access Management (IAM) policy, which specifies access |
| # controls for Google Cloud resources. |
| # |
| # |
| # A `Policy` is a collection of `bindings`. A `binding` binds one or more |
| # `members`, or principals, to a single `role`. Principals can be user |
| # accounts, service accounts, Google groups, and domains (such as G Suite). A |
| # `role` is a named list of permissions; each `role` can be an IAM predefined |
| # role or a user-created custom role. |
| # |
| # For some types of Google Cloud resources, a `binding` can also specify a |
| # `condition`, which is a logical expression that allows access to a resource |
| # only if the expression evaluates to `true`. A condition can add constraints |
| # based on attributes of the request, the resource, or both. To learn which |
| # resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # |
| # **JSON example:** |
| # |
| # ``` |
| # { |
| # "bindings": [ |
| # { |
| # "role": "roles/resourcemanager.organizationAdmin", |
| # "members": [ |
| # "user:[email protected]", |
| # "group:[email protected]", |
| # "domain:google.com", |
| # "serviceAccount:[email protected]" |
| # ] |
| # }, |
| # { |
| # "role": "roles/resourcemanager.organizationViewer", |
| # "members": [ |
| # "user:[email protected]" |
| # ], |
| # "condition": { |
| # "title": "expirable access", |
| # "description": "Does not grant access after Sep 2020", |
| # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", |
| # } |
| # } |
| # ], |
| # "etag": "BwWWja0YfJA=", |
| # "version": 3 |
| # } |
| # ``` |
| # |
| # **YAML example:** |
| # |
| # ``` |
| # bindings: |
| # - members: |
| # - user:[email protected] |
| # - group:[email protected] |
| # - domain:google.com |
| # - serviceAccount:[email protected] |
| # role: roles/resourcemanager.organizationAdmin |
| # - members: |
| # - user:[email protected] |
| # role: roles/resourcemanager.organizationViewer |
| # condition: |
| # title: expirable access |
| # description: Does not grant access after Sep 2020 |
| # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') |
| # etag: BwWWja0YfJA= |
| # version: 3 |
| # ``` |
| # |
| # For a description of IAM and its features, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/). |
| "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. |
| { # Specifies the audit configuration for a service. |
| # The configuration determines which permission types are logged, and what |
| # identities, if any, are exempted from logging. |
| # An AuditConfig must have one or more AuditLogConfigs. |
| # |
| # If there are AuditConfigs for both `allServices` and a specific service, |
| # the union of the two AuditConfigs is used for that service: the log_types |
| # specified in each AuditConfig are enabled, and the exempted_members in each |
| # AuditLogConfig are exempted. |
| # |
| # Example Policy with multiple AuditConfigs: |
| # |
| # { |
| # "audit_configs": [ |
| # { |
| # "service": "allServices", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # }, |
| # { |
| # "log_type": "ADMIN_READ" |
| # } |
| # ] |
| # }, |
| # { |
| # "service": "sampleservice.googleapis.com", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ" |
| # }, |
| # { |
| # "log_type": "DATA_WRITE", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # } |
| # ] |
| # } |
| # ] |
| # } |
| # |
| # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ |
| # logging. It also exempts `[email protected]` from DATA_READ logging, and |
| # `[email protected]` from DATA_WRITE logging. |
| "auditLogConfigs": [ # The configuration for logging of each type of permission. |
| { # Provides the configuration for logging a type of permissions. |
| # Example: |
| # |
| # { |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:[email protected]" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # } |
| # ] |
| # } |
| # |
| # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting |
| # [email protected] from DATA_READ logging. |
| "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of |
| # permission. |
| # Follows the same format of Binding.members. |
| "A String", |
| ], |
| "logType": "A String", # The log type that this config enables. |
| }, |
| ], |
| "service": "A String", # Specifies a service that will be enabled for audit logging. |
| # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. |
| # `allServices` is a special value that covers all services. |
| }, |
| ], |
| "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, |
| # may specify a `condition` that determines how and when the `bindings` are |
| # applied. Each of the `bindings` must contain at least one principal. |
| # |
| # The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 |
| # of these principals can be Google groups. Each occurrence of a principal |
| # counts towards these limits. For example, if the `bindings` grant 50 |
| # different roles to `user:[email protected]`, and not to any other |
| # principal, then you can add another 1,450 principals to the `bindings` in |
| # the `Policy`. |
| { # Associates `members`, or principals, with a `role`. |
| "condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding. |
| # |
| # If the condition evaluates to `true`, then this binding applies to the |
| # current request. |
| # |
| # If the condition evaluates to `false`, then this binding does not apply to |
| # the current request. However, a different role binding might grant the same |
| # role to one or more of the principals in this binding. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM |
| # documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| # are documented at https://github.com/google/cel-spec. |
| # |
| # Example (Comparison): |
| # |
| # title: "Summary size limit" |
| # description: "Determines if a summary is less than 100 chars" |
| # expression: "document.summary.size() < 100" |
| # |
| # Example (Equality): |
| # |
| # title: "Requestor is owner" |
| # description: "Determines if requestor is the document owner" |
| # expression: "document.owner == request.auth.claims.email" |
| # |
| # Example (Logic): |
| # |
| # title: "Public documents" |
| # description: "Determine whether the document should be publicly visible" |
| # expression: "document.type != 'private' && document.type != 'internal'" |
| # |
| # Example (Data Manipulation): |
| # |
| # title: "Notification string" |
| # description: "Create a notification string with a timestamp." |
| # expression: "'New message received at ' + string(document.create_time)" |
| # |
| # The exact variables and functions that may be referenced within an expression |
| # are determined by the service that evaluates it. See the service |
| # documentation for additional information. |
| "description": "A String", # Optional. Description of the expression. This is a longer text which |
| # describes the expression, e.g. when hovered over it in a UI. |
| "expression": "A String", # Textual representation of an expression in Common Expression Language |
| # syntax. |
| "location": "A String", # Optional. String indicating the location of the expression for error |
| # reporting, e.g. a file name and a position in the file. |
| "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| # its purpose. This can be used e.g. in UIs which allow to enter the |
| # expression. |
| }, |
| "members": [ # Specifies the principals requesting access for a Google Cloud resource. |
| # `members` can have the following values: |
| # |
| # * `allUsers`: A special identifier that represents anyone who is |
| # on the internet; with or without a Google account. |
| # |
| # * `allAuthenticatedUsers`: A special identifier that represents anyone |
| # who is authenticated with a Google account or a service account. |
| # Does not include identities that come from external identity providers |
| # (IdPs) through identity federation. |
| # |
| # * `user:{emailid}`: An email address that represents a specific Google |
| # account. For example, `[email protected]` . |
| # |
| # |
| # * `serviceAccount:{emailid}`: An email address that represents a Google |
| # service account. For example, |
| # `[email protected]`. |
| # |
| # * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An |
| # identifier for a |
| # [Kubernetes service |
| # account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). |
| # For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. |
| # |
| # * `group:{emailid}`: An email address that represents a Google group. |
| # For example, `[email protected]`. |
| # |
| # |
| # * `domain:{domain}`: The G Suite domain (primary) that represents all the |
| # users of that domain. For example, `google.com` or `example.com`. |
| # |
| # |
| # |
| # |
| # * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workforce identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: |
| # All workforce identities in a group. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All workforce identities with a specific attribute value. |
| # |
| # * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: |
| # All identities in a workforce identity pool. |
| # |
| # * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: |
| # A single identity in a workload identity pool. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: |
| # A workload identity pool group. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| # All identities in a workload identity pool with a certain attribute. |
| # |
| # * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: |
| # All identities in a workload identity pool. |
| # |
| # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a user that has been recently deleted. For |
| # example, `[email protected]?uid=123456789012345678901`. If the user is |
| # recovered, this value reverts to `user:{emailid}` and the recovered user |
| # retains the role in the binding. |
| # |
| # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| # unique identifier) representing a service account that has been recently |
| # deleted. For example, |
| # `[email protected]?uid=123456789012345678901`. |
| # If the service account is undeleted, this value reverts to |
| # `serviceAccount:{emailid}` and the undeleted service account retains the |
| # role in the binding. |
| # |
| # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a Google group that has been recently |
| # deleted. For example, `[email protected]?uid=123456789012345678901`. If |
| # the group is recovered, this value reverts to `group:{emailid}` and the |
| # recovered group retains the role in the binding. |
| # |
| # * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| # Deleted single identity in a workforce identity pool. For example, |
| # `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. |
| "A String", |
| ], |
| "role": "A String", # Role that is assigned to the list of `members`, or principals. |
| # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. |
| # |
| # For an overview of the IAM roles and permissions, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For |
| # a list of the available pre-defined roles, see |
| # [here](https://cloud.google.com/iam/docs/understanding-roles). |
| }, |
| ], |
| "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help |
| # prevent simultaneous updates of a policy from overwriting each other. |
| # It is strongly suggested that systems make use of the `etag` in the |
| # read-modify-write cycle to perform policy updates in order to avoid race |
| # conditions: An `etag` is returned in the response to `getIamPolicy`, and |
| # systems are expected to put that etag in the request to `setIamPolicy` to |
| # ensure that their change will be applied to the same version of the policy. |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| "version": 42, # Specifies the format of the policy. |
| # |
| # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value |
| # are rejected. |
| # |
| # Any operation that affects conditional role bindings must specify version |
| # `3`. This requirement applies to the following operations: |
| # |
| # * Getting a policy that includes a conditional role binding |
| # * Adding a conditional role binding to a policy |
| # * Changing a conditional role binding in a policy |
| # * Removing any role binding, with or without a condition, from a policy |
| # that includes conditions |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| # |
| # If a policy does not include any conditions, operations on that policy may |
| # specify any valid version or leave the field unset. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="testIamPermissions">testIamPermissions(project, resource, body=None, x__xgafv=None)</code> |
| <pre>Returns permissions that a caller has on the specified resource. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| resource: string, Name or id of the resource for this request. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { |
| "permissions": [ # The set of permissions to check for the 'resource'. Permissions with |
| # wildcards (such as '*' or 'storage.*') are not allowed. |
| "A String", |
| ], |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { |
| "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is |
| # allowed. |
| "A String", |
| ], |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="update">update(project, license, body=None, requestId=None, updateMask=None, x__xgafv=None)</code> |
| <pre>Updates a License resource in the specified project. |
| *Caution* This resource is intended |
| for use only by third-party partners who are creatingCloud Marketplace |
| images. |
| |
| Args: |
| project: string, Project ID for this request. (required) |
| license: string, The license name for this request. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Represents a License resource. |
| # |
| # A License represents billing and aggregate usage data forpublic andmarketplace images. |
| # *Caution* This resource is intended for |
| # use only by third-party partners who are creatingCloud Marketplace |
| # images. |
| "allowedReplacementLicenses": [ # Specifies licenseCodes of licenses that can replace this license. Note: |
| # such replacements are allowed even if removable_from_disk is false. |
| "A String", |
| ], |
| "appendableToDisk": True or False, # If true, this license can be appended to an existing disk's set of |
| # licenses. |
| "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license |
| # charges a usage fee. |
| "creationTimestamp": "A String", # [Output Only] Creation timestamp inRFC3339 |
| # text format. |
| "description": "A String", # An optional textual description of the resource; provided by the client |
| # when the resource is created. |
| "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is |
| # defined by the server. |
| "incompatibleLicenses": [ # Specifies licenseCodes of licenses that are incompatible with this license. |
| # If a license is incompatible with this license, it cannot be attached to |
| # the same disk or image. |
| "A String", |
| ], |
| "kind": "compute#license", # [Output Only] Type of resource. Always compute#license for |
| # licenses. |
| "licenseCode": "A String", # [Output Only] The unique code used to attach this license to images, |
| # snapshots, and disks. |
| "minimumRetention": { # A Duration represents a fixed-length span of time represented # If set, this license will be unable to be removed or replaced once attached |
| # to a disk until the minimum_retention period has passed. |
| # as a count of seconds and fractions of seconds at nanosecond |
| # resolution. It is independent of any calendar and concepts like "day" |
| # or "month". Range is approximately 10,000 years. |
| "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. |
| # Durations less than one second are represented with a 0 |
| # `seconds` field and a positive `nanos` field. Must be from 0 |
| # to 999,999,999 inclusive. |
| "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 |
| # to 315,576,000,000 inclusive. Note: these bounds are computed from: |
| # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years |
| }, |
| "multiTenantOnly": True or False, # If true, this license can only be used on VMs on multi tenant nodes. |
| "name": "A String", # Name of the resource. The name must be 1-63 characters long and |
| # comply withRFC1035. |
| "osLicense": True or False, # If true, indicates this is an OS license. Only one OS license can be |
| # attached to a disk or image at a time. |
| "removableFromDisk": True or False, # If true, this license can be removed from a disk's set of licenses, with no |
| # replacement license needed. |
| "requiredCoattachedLicenses": [ # Specifies the set of permissible coattached licenseCodes of licenses that |
| # satisfy the coattachment requirement of this license. At least one license |
| # from the set must be attached to the same disk or image as this license. |
| "A String", |
| ], |
| "resourceRequirements": { # [Input Only] Deprecated. |
| "minGuestCpuCount": 42, # [Input Only] Deprecated. This field no longer reflects the minimum number |
| # of guest cpus required to use the Instance. |
| "minMemoryMb": 42, # [Input Only] Deprecated. This field no longer reflects the minimum memory |
| # required to use the Instance. |
| }, |
| "selfLink": "A String", # [Output Only] Server-defined URL for the resource. |
| "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. |
| "soleTenantOnly": True or False, # If true, this license can only be used on VMs on sole tenant nodes. |
| "transferable": True or False, # If false, licenses will not be copied from the source resource when |
| # creating an image from a disk, disk from snapshot, or snapshot from disk. |
| "updateTimestamp": "A String", # [Output Only] Last update timestamp inRFC3339 |
| # text format. |
| } |
| |
| requestId: string, An optional request ID to identify requests. Specify a unique request ID so |
| that if you must retry your request, the server will know to ignore the |
| request if it has already been completed. |
| |
| For example, consider a situation where you make an initial request and |
| the request times out. If you make the request again with the same |
| request ID, the server can check if original operation with the same |
| request ID was received, and if so, will ignore the second request. This |
| prevents clients from accidentally creating duplicate commitments. |
| |
| The request ID must be |
| a valid UUID with the exception that zero UUID is not supported |
| (00000000-0000-0000-0000-000000000000). |
| updateMask: string, update_mask indicates fields to be updated as part of this request. |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Represents an Operation resource. |
| # |
| # Google Compute Engine has three Operation resources: |
| # |
| # * [Global](/compute/docs/reference/rest/alpha/globalOperations) |
| # * [Regional](/compute/docs/reference/rest/alpha/regionOperations) |
| # * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) |
| # |
| # You can use an operation resource to manage asynchronous API requests. |
| # For more information, readHandling |
| # API responses. |
| # |
| # Operations can be global, regional or zonal. |
| # |
| # - For global operations, use the `globalOperations` |
| # resource. |
| # - For regional operations, use the |
| # `regionOperations` resource. |
| # - For zonal operations, use |
| # the `zoneOperations` resource. |
| # |
| # |
| # |
| # For more information, read |
| # Global, Regional, and Zonal Resources. |
| # |
| # Note that completed Operation resources have a limited |
| # retention period. |
| "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. |
| # Not present otherwise. |
| "creationTimestamp": "A String", # [Deprecated] This field is deprecated. |
| "description": "A String", # [Output Only] A textual description of the operation, which is |
| # set when the operation is created. |
| "endTime": "A String", # [Output Only] The time that this operation was completed. This value is inRFC3339 |
| # text format. |
| "error": { # [Output Only] If errors are generated during processing of the operation, |
| # this field will be populated. |
| "errors": [ # [Output Only] The array of errors encountered while processing this |
| # operation. |
| { |
| "code": "A String", # [Output Only] The error type identifier for this error. |
| "errorDetails": [ # [Output Only] An optional list of messages that contain the error |
| # details. There is a set of defined message types to use for providing |
| # details.The syntax depends on the error code. For example, |
| # QuotaExceededInfo will have details when the error code is |
| # QUOTA_EXCEEDED. |
| { |
| "errorInfo": { # Describes the cause of the error with structured details. |
| # |
| # Example of an error when contacting the "pubsub.googleapis.com" API when it |
| # is not enabled: |
| # |
| # { "reason": "API_DISABLED" |
| # "domain": "googleapis.com" |
| # "metadata": { |
| # "resource": "projects/123", |
| # "service": "pubsub.googleapis.com" |
| # } |
| # } |
| # |
| # This response indicates that the pubsub.googleapis.com API is not enabled. |
| # |
| # Example of an error that is returned when attempting to create a Spanner |
| # instance in a region that is out of stock: |
| # |
| # { "reason": "STOCKOUT" |
| # "domain": "spanner.googleapis.com", |
| # "metadata": { |
| # "availableRegions": "us-central1,us-east2" |
| # } |
| # } |
| "domain": "A String", # The logical grouping to which the "reason" belongs. The error domain |
| # is typically the registered service name of the tool or product that |
| # generates the error. Example: "pubsub.googleapis.com". If the error is |
| # generated by some common infrastructure, the error domain must be a |
| # globally unique value that identifies the infrastructure. For Google API |
| # infrastructure, the error domain is "googleapis.com". |
| "metadatas": { # Additional structured details about this error. |
| # |
| # Keys must match a regular expression of `a-z+` but should |
| # ideally be lowerCamelCase. Also, they must be limited to 64 characters in |
| # length. When identifying the current value of an exceeded limit, the units |
| # should be contained in the key, not the value. For example, rather than |
| # `{"instanceLimit": "100/request"}`, should be returned as, |
| # `{"instanceLimitPerRequest": "100"}`, if the client exceeds the number of |
| # instances that can be created in a single (batch) request. |
| "a_key": "A String", |
| }, |
| "reason": "A String", # The reason of the error. This is a constant value that identifies the |
| # proximate cause of the error. Error reasons are unique within a particular |
| # domain of errors. This should be at most 63 characters and match a |
| # regular expression of `A-Z+[A-Z0-9]`, which represents |
| # UPPER_SNAKE_CASE. |
| }, |
| "help": { # Provides links to documentation or for performing an out of band action. |
| # |
| # For example, if a quota check failed with an error indicating the calling |
| # project hasn't enabled the accessed service, this can contain a URL pointing |
| # directly to the right place in the developer console to flip the bit. |
| "links": [ # URL(s) pointing to additional information on handling the current error. |
| { # Describes a URL link. |
| "description": "A String", # Describes what the link offers. |
| "url": "A String", # The URL of the link. |
| }, |
| ], |
| }, |
| "localizedMessage": { # Provides a localized error message that is safe to return to the user |
| # which can be attached to an RPC error. |
| "locale": "A String", # The locale used following the specification defined at |
| # https://www.rfc-editor.org/rfc/bcp/bcp47.txt. |
| # Examples are: "en-US", "fr-CH", "es-MX" |
| "message": "A String", # The localized error message in the above locale. |
| }, |
| "quotaInfo": { # Additional details for quota exceeded error for resource quota. |
| "dimensions": { # The map holding related quota dimensions. |
| "a_key": "A String", |
| }, |
| "futureLimit": 3.14, # Future quota limit being rolled out. The limit's unit depends on the quota |
| # type or metric. |
| "limit": 3.14, # Current effective quota limit. The limit's unit depends on the quota type |
| # or metric. |
| "limitName": "A String", # The name of the quota limit. |
| "metricName": "A String", # The Compute Engine quota metric name. |
| "rolloutStatus": "A String", # Rollout status of the future quota limit. |
| }, |
| }, |
| ], |
| "location": "A String", # [Output Only] Indicates the field in the request that caused the error. |
| # This property is optional. |
| "message": "A String", # [Output Only] An optional, human-readable error message. |
| }, |
| ], |
| }, |
| "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error |
| # message that was returned, such as `NOT FOUND`. |
| "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error |
| # status code that was returned. For example, a `404` means the |
| # resource was not found. |
| "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is |
| # defined by the server. |
| "insertTime": "A String", # [Output Only] The time that this operation was requested. |
| # This value is inRFC3339 |
| # text format. |
| "instancesBulkInsertOperationMetadata": { |
| "perLocationStatus": { # Status information per location (location name is key). |
| # Example key: zones/us-central1-a |
| "a_key": { |
| "createdVmCount": 42, # [Output Only] Count of VMs successfully created so far. |
| "deletedVmCount": 42, # [Output Only] Count of VMs that got deleted during rollback. |
| "failedToCreateVmCount": 42, # [Output Only] Count of VMs that started creating but encountered an |
| # error. |
| "status": "A String", # [Output Only] Creation status of BulkInsert operation - information |
| # if the flow is rolling forward or rolling back. |
| "targetVmCount": 42, # [Output Only] Count of VMs originally planned to be created. |
| }, |
| }, |
| }, |
| "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for |
| # Operation resources. |
| "name": "A String", # [Output Only] Name of the operation. |
| "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a |
| # group of operations results from a `bulkInsert` API request. |
| "operationType": "A String", # [Output Only] The type of operation, such as `insert`, |
| # `update`, or `delete`, and so on. |
| "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. |
| # There is no requirement that this be linear or support any granularity of |
| # operations. This should not be used to guess when the operation will be |
| # complete. This number should monotonically increase as the operation |
| # progresses. |
| "region": "A String", # [Output Only] The URL of the region where the operation resides. Only |
| # applicable when performing regional operations. |
| "selfLink": "A String", # [Output Only] Server-defined URL for the resource. |
| "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. |
| "setCommonInstanceMetadataOperationMetadata": { # [Output Only] If the operation is for projects.setCommonInstanceMetadata, |
| # this field will contain information on all underlying zonal actions and |
| # their state. |
| "clientOperationId": "A String", # [Output Only] The client operation id. |
| "perLocationOperations": { # [Output Only] Status information per location (location name is key). |
| # Example key: zones/us-central1-a |
| "a_key": { |
| "error": { # The `Status` type defines a logical error model that is suitable for # [Output Only] If state is `ABANDONED` or `FAILED`, this field is |
| # populated. |
| # different programming environments, including REST APIs and RPC APIs. It is |
| # used by [gRPC](https://github.com/grpc). Each `Status` message contains |
| # three pieces of data: error code, error message, and error details. |
| # |
| # You can find out more about this error model and how to work with it in the |
| # [API Design Guide](https://cloud.google.com/apis/design/errors). |
| "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| "details": [ # A list of messages that carry the error details. There is a common set of |
| # message types for APIs to use. |
| { |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| ], |
| "message": "A String", # A developer-facing error message, which should be in English. Any |
| # user-facing error message should be localized and sent in the |
| # google.rpc.Status.details field, or localized by the client. |
| }, |
| "state": "A String", # [Output Only] Status of the action, which can be one of the following: |
| # `PROPAGATING`, `PROPAGATED`, `ABANDONED`, `FAILED`, or `DONE`. |
| }, |
| }, |
| }, |
| "startTime": "A String", # [Output Only] The time that this operation was started by the server. |
| # This value is inRFC3339 |
| # text format. |
| "status": "A String", # [Output Only] The status of the operation, which can be one of the |
| # following: |
| # `PENDING`, `RUNNING`, or `DONE`. |
| "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the |
| # operation. |
| "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation |
| # of the target resource. |
| "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For |
| # operations related to creating a snapshot, this points to the disk |
| # that the snapshot was created from. |
| "user": "A String", # [Output Only] User who requested the operation, for example: |
| # `[email protected]` or |
| # `alice_smith_identifier (global/workforcePools/example-com-us-employees)`. |
| "warnings": [ # [Output Only] If warning messages are generated during processing of the |
| # operation, this field will be populated. |
| { |
| "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute |
| # Engine returns NO_RESULTS_ON_PAGE if there |
| # are no results in the response. |
| "data": [ # [Output Only] Metadata about this warning in key: |
| # value format. For example: |
| # |
| # "data": [ |
| # { |
| # "key": "scope", |
| # "value": "zones/us-east1-d" |
| # } |
| { |
| "key": "A String", # [Output Only] A key that provides more detail on the warning being |
| # returned. For example, for warnings where there are no results in a list |
| # request for a particular zone, this key might be scope and |
| # the key value might be the zone name. Other examples might be a key |
| # indicating a deprecated resource and a suggested replacement, or a |
| # warning about invalid network settings (for example, if an instance |
| # attempts to perform IP forwarding but is not enabled for IP forwarding). |
| "value": "A String", # [Output Only] A warning data value corresponding to the key. |
| }, |
| ], |
| "message": "A String", # [Output Only] A human-readable description of the warning code. |
| }, |
| ], |
| "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only |
| # applicable when performing per-zone operations. |
| }</pre> |
| </div> |
| |
| </body></html> |
