diff --git a/alloydb/v1beta/alloydb-api.json b/alloydb/v1beta/alloydb-api.json index 61d3144f399..e3c5fc208d4 100644 --- a/alloydb/v1beta/alloydb-api.json +++ b/alloydb/v1beta/alloydb-api.json @@ -1458,7 +1458,7 @@ } } }, - "revision": "20240417", + "revision": "20240424", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AuthorizedNetwork": { @@ -4314,6 +4314,7 @@ "PRODUCT_TYPE_ON_PREM", "ON_PREM", "PRODUCT_TYPE_MEMORYSTORE", + "PRODUCT_TYPE_BIGTABLE", "PRODUCT_TYPE_OTHER" ], "enumDeprecated": [ @@ -4326,6 +4327,7 @@ false, true, false, + false, false ], "enumDescriptions": [ @@ -4338,6 +4340,7 @@ "On premises database product.", "On premises database product.", "Memorystore product area in GCP", + "Bigtable product area in GCP", "Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum." ], "type": "string" diff --git a/alloydb/v1beta/alloydb-gen.go b/alloydb/v1beta/alloydb-gen.go index ee4a048bb4b..f5109c86c26 100644 --- a/alloydb/v1beta/alloydb-gen.go +++ b/alloydb/v1beta/alloydb-gen.go @@ -3299,6 +3299,7 @@ type StorageDatabasecenterProtoCommonProduct struct { // "PRODUCT_TYPE_ON_PREM" - On premises database product. // "ON_PREM" - On premises database product. // "PRODUCT_TYPE_MEMORYSTORE" - Memorystore product area in GCP + // "PRODUCT_TYPE_BIGTABLE" - Bigtable product area in GCP // "PRODUCT_TYPE_OTHER" - Other refers to rest of other product type. This is // to be when product type is known, but it is not present in this enum. Type string `json:"type,omitempty"` diff --git a/api-list.json b/api-list.json index e7e1d47e3ab..642fb119488 100644 --- a/api-list.json +++ b/api-list.json @@ -2901,21 +2901,6 @@ "documentationLink": "https://cloud.google.com/essentialcontacts/docs/", "preferred": true }, - { - "kind": "discovery#directoryItem", - "id": "eventarc:v1beta1", - "name": "eventarc", - "version": "v1beta1", - "title": "Eventarc API", - "description": "Build event-driven applications on Google Cloud Platform.", - "discoveryRestUrl": "https://eventarc.googleapis.com/$discovery/rest?version=v1beta1", - "icons": { - "x16": "https://www.gstatic.com/images/branding/product/1x/googleg_16dp.png", - "x32": "https://www.gstatic.com/images/branding/product/1x/googleg_32dp.png" - }, - "documentationLink": "https://cloud.google.com/eventarc", - "preferred": false - }, { "kind": "discovery#directoryItem", "id": "eventarc:v1", diff --git a/batch/v1/batch-api.json b/batch/v1/batch-api.json index 7531db640bc..f02147156c0 100644 --- a/batch/v1/batch-api.json +++ b/batch/v1/batch-api.json @@ -561,7 +561,7 @@ } } }, - "revision": "20240411", + "revision": "20240425", "rootUrl": "https://batch.googleapis.com/", "schemas": { "Accelerator": { @@ -2067,7 +2067,7 @@ "id": "TaskExecution", "properties": { "exitCode": { - "description": "When task is completed as the status of FAILED or SUCCEEDED, exit code is for one task execution result, default is 0 as success.", + "description": "The exit code of a finished task. If the task succeeded, the exit code will be 0. If the task failed but not due to the following reasons, the exit code will be 50000. Otherwise, it can be from different sources: - Batch known failures as https://cloud.google.com/batch/docs/troubleshooting#reserved-exit-codes. - Batch runnable execution failures: You can rely on Batch logs for further diagnose: https://cloud.google.com/batch/docs/analyze-job-using-logs. If there are multiple runnables failures, Batch only exposes the first error caught for now.", "format": "int32", "type": "integer" } diff --git a/batch/v1/batch-gen.go b/batch/v1/batch-gen.go index 856c3d11b0b..41171b0872c 100644 --- a/batch/v1/batch-gen.go +++ b/batch/v1/batch-gen.go @@ -2186,8 +2186,15 @@ func (s *Task) MarshalJSON() ([]byte, error) { // TaskExecution: This Task Execution field includes detail information for // task execution procedures, based on StatusEvent types. type TaskExecution struct { - // ExitCode: When task is completed as the status of FAILED or SUCCEEDED, exit - // code is for one task execution result, default is 0 as success. + // ExitCode: The exit code of a finished task. If the task succeeded, the exit + // code will be 0. If the task failed but not due to the following reasons, the + // exit code will be 50000. Otherwise, it can be from different sources: - + // Batch known failures as + // https://cloud.google.com/batch/docs/troubleshooting#reserved-exit-codes. - + // Batch runnable execution failures: You can rely on Batch logs for further + // diagnose: https://cloud.google.com/batch/docs/analyze-job-using-logs. If + // there are multiple runnables failures, Batch only exposes the first error + // caught for now. ExitCode int64 `json:"exitCode,omitempty"` // ForceSendFields is a list of field names (e.g. "ExitCode") to // unconditionally include in API requests. By default, fields with empty or diff --git a/beyondcorp/v1/beyondcorp-api.json b/beyondcorp/v1/beyondcorp-api.json index 92b7f786900..2d717a2d8db 100644 --- a/beyondcorp/v1/beyondcorp-api.json +++ b/beyondcorp/v1/beyondcorp-api.json @@ -1804,7 +1804,7 @@ } } }, - "revision": "20240228", + "revision": "20240424", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { @@ -1868,6 +1868,16 @@ "description": "Required. Unique resource name of the AppGateway. The name is ignored when creating an AppGateway.", "type": "string" }, + "satisfiesPzi": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, + "satisfiesPzs": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, "state": { "description": "Output only. The current state of the AppGateway.", "enum": [ @@ -2094,6 +2104,16 @@ "description": "Required. Unique resource name of the AppConnection. The name is ignored when creating a AppConnection.", "type": "string" }, + "satisfiesPzi": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, + "satisfiesPzs": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, "state": { "description": "Output only. The current state of the AppConnection.", "enum": [ diff --git a/beyondcorp/v1/beyondcorp-gen.go b/beyondcorp/v1/beyondcorp-gen.go index 89078a23ef9..26df0dc0ae4 100644 --- a/beyondcorp/v1/beyondcorp-gen.go +++ b/beyondcorp/v1/beyondcorp-gen.go @@ -381,6 +381,10 @@ type AppGateway struct { // Name: Required. Unique resource name of the AppGateway. The name is ignored // when creating an AppGateway. Name string `json:"name,omitempty"` + // SatisfiesPzi: Output only. Reserved for future use. + SatisfiesPzi bool `json:"satisfiesPzi,omitempty"` + // SatisfiesPzs: Output only. Reserved for future use. + SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // State: Output only. The current state of the AppGateway. // // Possible values: @@ -599,6 +603,10 @@ type GoogleCloudBeyondcorpAppconnectionsV1AppConnection struct { // Name: Required. Unique resource name of the AppConnection. The name is // ignored when creating a AppConnection. Name string `json:"name,omitempty"` + // SatisfiesPzi: Output only. Reserved for future use. + SatisfiesPzi bool `json:"satisfiesPzi,omitempty"` + // SatisfiesPzs: Output only. Reserved for future use. + SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // State: Output only. The current state of the AppConnection. // // Possible values: diff --git a/beyondcorp/v1alpha/beyondcorp-api.json b/beyondcorp/v1alpha/beyondcorp-api.json index 8b24c3d4505..2e8453a40f4 100644 --- a/beyondcorp/v1alpha/beyondcorp-api.json +++ b/beyondcorp/v1alpha/beyondcorp-api.json @@ -1206,6 +1206,33 @@ }, "subscriptions": { "methods": { + "cancel": { + "description": "Cancels an existing BeyondCorp Enterprise Subscription in a given organization. Location will always be global as BeyondCorp subscriptions are per organization. Returns the timestamp for when the cancellation will become effective", + "flatPath": "v1alpha/organizations/{organizationsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:cancel", + "httpMethod": "GET", + "id": "beyondcorp.organizations.locations.subscriptions.cancel", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. Name of the resource.", + "location": "path", + "pattern": "^organizations/[^/]+/locations/[^/]+/subscriptions/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + } + }, + "path": "v1alpha/{+name}:cancel", + "response": { + "$ref": "GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse" + } + }, "create": { "description": "Creates a new BeyondCorp Enterprise Subscription in a given organization. Location will always be global as BeyondCorp subscriptions are per organization.", "flatPath": "v1alpha/organizations/{organizationsId}/locations/{locationsId}/subscriptions", @@ -1308,7 +1335,7 @@ "type": "string" }, "updateMask": { - "description": "Required. Field mask is used to specify the fields to be overwritten in the Subscription resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all mutable fields will be overwritten. Mutable fields: type, state.", + "description": "Required. Field mask is used to specify the fields to be overwritten in the Subscription resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. Mutable fields: seat_count.", "format": "google-fieldmask", "location": "query", "type": "string" @@ -3939,7 +3966,7 @@ } } }, - "revision": "20240417", + "revision": "20240424", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { @@ -4003,6 +4030,16 @@ "description": "Required. Unique resource name of the AppGateway. The name is ignored when creating an AppGateway.", "type": "string" }, + "satisfiesPzi": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, + "satisfiesPzs": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, "state": { "description": "Output only. The current state of the AppGateway.", "enum": [ @@ -4645,6 +4682,16 @@ "description": "Required. Unique resource name of the AppConnection. The name is ignored when creating a AppConnection.", "type": "string" }, + "satisfiesPzi": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, + "satisfiesPzs": { + "description": "Output only. Reserved for future use.", + "readOnly": true, + "type": "boolean" + }, "state": { "description": "Output only. The current state of the AppConnection.", "enum": [ @@ -5936,6 +5983,18 @@ }, "type": "object" }, + "GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse": { + "description": "Response message for BeyondCorp.CancelSubscription", + "id": "GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse", + "properties": { + "effectiveCancellationTime": { + "description": "Time when the cancellation will become effective", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, "GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaListSubscriptionsResponse": { "description": "Response message for BeyondCorp.ListSubscriptions.", "id": "GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaListSubscriptionsResponse", @@ -5963,6 +6022,10 @@ "readOnly": true, "type": "boolean" }, + "billingAccount": { + "description": "Optional. Name of the billing account in the format. e.g. billingAccounts/123456-123456-123456 Required if Subscription is of Paid type.", + "type": "string" + }, "createTime": { "description": "Output only. Create time of the subscription.", "format": "google-datetime", diff --git a/beyondcorp/v1alpha/beyondcorp-gen.go b/beyondcorp/v1alpha/beyondcorp-gen.go index e1b3364ffd0..31a5f54b0dc 100644 --- a/beyondcorp/v1alpha/beyondcorp-gen.go +++ b/beyondcorp/v1alpha/beyondcorp-gen.go @@ -489,6 +489,10 @@ type AppGateway struct { // Name: Required. Unique resource name of the AppGateway. The name is ignored // when creating an AppGateway. Name string `json:"name,omitempty"` + // SatisfiesPzi: Output only. Reserved for future use. + SatisfiesPzi bool `json:"satisfiesPzi,omitempty"` + // SatisfiesPzs: Output only. Reserved for future use. + SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // State: Output only. The current state of the AppGateway. // // Possible values: @@ -1123,6 +1127,10 @@ type GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnection struct { // Name: Required. Unique resource name of the AppConnection. The name is // ignored when creating a AppConnection. Name string `json:"name,omitempty"` + // SatisfiesPzi: Output only. Reserved for future use. + SatisfiesPzi bool `json:"satisfiesPzi,omitempty"` + // SatisfiesPzs: Output only. Reserved for future use. + SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // State: Output only. The current state of the AppConnection. // // Possible values: @@ -2644,6 +2652,32 @@ func (s *GoogleCloudBeyondcorpSaasplatformInsightsV1alphaRowFieldVal) MarshalJSO return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionRespon +// se: Response message for BeyondCorp.CancelSubscription +type GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse struct { + // EffectiveCancellationTime: Time when the cancellation will become effective + EffectiveCancellationTime string `json:"effectiveCancellationTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "EffectiveCancellationTime") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "EffectiveCancellationTime") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse) MarshalJSON() ([]byte, error) { + type NoMethod GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaListSubscriptionsRespons // e: Response message for BeyondCorp.ListSubscriptions. type GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaListSubscriptionsResponse struct { @@ -2681,6 +2715,10 @@ type GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscription struct { // AutoRenewEnabled: Output only. Represents that, if subscription will renew // or end when the term ends. AutoRenewEnabled bool `json:"autoRenewEnabled,omitempty"` + // BillingAccount: Optional. Name of the billing account in the format. e.g. + // billingAccounts/123456-123456-123456 Required if Subscription is of Paid + // type. + BillingAccount string `json:"billingAccount,omitempty"` // CreateTime: Output only. Create time of the subscription. CreateTime string `json:"createTime,omitempty"` // EndTime: Output only. End time of the subscription. @@ -7747,6 +7785,133 @@ func (c *OrganizationsLocationsOperationsListCall) Pages(ctx context.Context, f } } +type OrganizationsLocationsSubscriptionsCancelCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Cancel: Cancels an existing BeyondCorp Enterprise Subscription in a given +// organization. Location will always be global as BeyondCorp subscriptions are +// per organization. Returns the timestamp for when the cancellation will +// become effective +// +// - name: Name of the resource. +func (r *OrganizationsLocationsSubscriptionsService) Cancel(name string) *OrganizationsLocationsSubscriptionsCancelCall { + c := &OrganizationsLocationsSubscriptionsCancelCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// RequestId sets the optional parameter "requestId": An optional request ID to +// identify requests. Specify a unique request ID so that if you must retry +// your request, the server will know to ignore the request if it has already +// been completed. The server will guarantee that for at least 60 minutes after +// the first request. For example, consider a situation where you make an +// initial request and the request times out. If you make the request again +// with the same request ID, the server can check if original operation with +// the same request ID was received, and if so, will ignore the second request. +// This prevents clients from accidentally creating duplicate commitments. The +// request ID must be a valid UUID with the exception that zero UUID is not +// supported (00000000-0000-0000-0000-000000000000). +func (c *OrganizationsLocationsSubscriptionsCancelCall) RequestId(requestId string) *OrganizationsLocationsSubscriptionsCancelCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *OrganizationsLocationsSubscriptionsCancelCall) Fields(s ...googleapi.Field) *OrganizationsLocationsSubscriptionsCancelCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *OrganizationsLocationsSubscriptionsCancelCall) IfNoneMatch(entityTag string) *OrganizationsLocationsSubscriptionsCancelCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *OrganizationsLocationsSubscriptionsCancelCall) Context(ctx context.Context) *OrganizationsLocationsSubscriptionsCancelCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *OrganizationsLocationsSubscriptionsCancelCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsLocationsSubscriptionsCancelCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+name}:cancel") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.organizations.locations.subscriptions.cancel" call. +// Any non-2xx status code is an error. Response headers are in either +// *GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionRespo +// nse.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *OrganizationsLocationsSubscriptionsCancelCall) Do(opts ...googleapi.CallOption) (*GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaCancelSubscriptionResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + type OrganizationsLocationsSubscriptionsCreateCall struct { s *Service parent string @@ -8151,8 +8316,7 @@ func (c *OrganizationsLocationsSubscriptionsPatchCall) RequestId(requestId strin // used to specify the fields to be overwritten in the Subscription resource by // the update. The fields specified in the update_mask are relative to the // resource, not the full request. A field will be overwritten if it is in the -// mask. If the user does not provide a mask then all mutable fields will be -// overwritten. Mutable fields: type, state. +// mask. Mutable fields: seat_count. func (c *OrganizationsLocationsSubscriptionsPatchCall) UpdateMask(updateMask string) *OrganizationsLocationsSubscriptionsPatchCall { c.urlParams_.Set("updateMask", updateMask) return c diff --git a/cloudbuild/v1/cloudbuild-api.json b/cloudbuild/v1/cloudbuild-api.json index fa5c2b70a4f..56eae306239 100644 --- a/cloudbuild/v1/cloudbuild-api.json +++ b/cloudbuild/v1/cloudbuild-api.json @@ -2346,7 +2346,7 @@ } } }, - "revision": "20240305", + "revision": "20240427", "rootUrl": "https://cloudbuild.googleapis.com/", "schemas": { "ApprovalConfig": { @@ -2804,6 +2804,10 @@ "readOnly": true, "type": "string" }, + "gitConfig": { + "$ref": "GitConfig", + "description": "Optional. Configuration for git operations." + }, "id": { "description": "Output only. Unique identifier of the build.", "readOnly": true, @@ -3734,6 +3738,25 @@ }, "type": "object" }, + "DeveloperConnectConfig": { + "description": "This config defines the location of a source through Developer Connect.", + "id": "DeveloperConnectConfig", + "properties": { + "dir": { + "description": "Required. Directory, relative to the source root, in which to run the build.", + "type": "string" + }, + "gitRepositoryLink": { + "description": "Required. The Developer Connect Git repository link, formatted as `projects/*/locations/*/connections/*/gitRepositoryLink/*`.", + "type": "string" + }, + "revision": { + "description": "Required. The revision to fetch from the Git repository such as a branch, a tag, a commit SHA, or any Git ref.", + "type": "string" + } + }, + "type": "object" + }, "Empty": { "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", "id": "Empty", @@ -3787,6 +3810,17 @@ }, "type": "object" }, + "GitConfig": { + "description": "GitConfig is a configuration for git operations.", + "id": "GitConfig", + "properties": { + "http": { + "$ref": "HttpConfig", + "description": "Configuration for HTTP related git operations." + } + }, + "type": "object" + }, "GitFileSource": { "description": "GitFileSource describes a file within a (possibly remote) code repository.", "id": "GitFileSource", @@ -4256,6 +4290,17 @@ }, "type": "object" }, + "HttpConfig": { + "description": "HttpConfig is a configuration for HTTP related git operations.", + "id": "HttpConfig", + "properties": { + "proxySecretVersionName": { + "description": "SecretVersion resource of the HTTP proxy URL. The proxy URL should be in format protocol://@]proxyhost[:port].", + "type": "string" + } + }, + "type": "object" + }, "InlineSecret": { "description": "Pairs a set of secret environment variables mapped to encrypted values with the Cloud KMS key to use to decrypt the value.", "id": "InlineSecret", @@ -5001,6 +5046,10 @@ "$ref": "ConnectedRepository", "description": "Optional. If provided, get the source from this 2nd-gen Google Cloud Build repository resource." }, + "developerConnectConfig": { + "$ref": "DeveloperConnectConfig", + "description": "If provided, get the source from this Developer Connect config." + }, "gitSource": { "$ref": "GitSource", "description": "If provided, get the source from this Git repository." diff --git a/cloudbuild/v1/cloudbuild-gen.go b/cloudbuild/v1/cloudbuild-gen.go index c9d4073dcb6..0d968dbdb1a 100644 --- a/cloudbuild/v1/cloudbuild-gen.go +++ b/cloudbuild/v1/cloudbuild-gen.go @@ -1009,6 +1009,8 @@ type Build struct { // The difference between finish_time and start_time is the duration of the // build's execution. FinishTime string `json:"finishTime,omitempty"` + // GitConfig: Optional. Configuration for git operations. + GitConfig *GitConfig `json:"gitConfig,omitempty"` // Id: Output only. Unique identifier of the build. Id string `json:"id,omitempty"` // Images: A list of images to be pushed upon the successful completion of all @@ -1960,6 +1962,36 @@ func (s *DeleteWorkerPoolOperationMetadata) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// DeveloperConnectConfig: This config defines the location of a source through +// Developer Connect. +type DeveloperConnectConfig struct { + // Dir: Required. Directory, relative to the source root, in which to run the + // build. + Dir string `json:"dir,omitempty"` + // GitRepositoryLink: Required. The Developer Connect Git repository link, + // formatted as `projects/*/locations/*/connections/*/gitRepositoryLink/*`. + GitRepositoryLink string `json:"gitRepositoryLink,omitempty"` + // Revision: Required. The revision to fetch from the Git repository such as a + // branch, a tag, a commit SHA, or any Git ref. + Revision string `json:"revision,omitempty"` + // ForceSendFields is a list of field names (e.g. "Dir") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Dir") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *DeveloperConnectConfig) MarshalJSON() ([]byte, error) { + type NoMethod DeveloperConnectConfig + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // Empty: A generic empty message that you can re-use to avoid defining // duplicated empty messages in your APIs. A typical example is to use it as // the request or the response type of an API method. For instance: service Foo @@ -2025,6 +2057,28 @@ func (s *FileHashes) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// GitConfig: GitConfig is a configuration for git operations. +type GitConfig struct { + // Http: Configuration for HTTP related git operations. + Http *HttpConfig `json:"http,omitempty"` + // ForceSendFields is a list of field names (e.g. "Http") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Http") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *GitConfig) MarshalJSON() ([]byte, error) { + type NoMethod GitConfig + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // GitFileSource: GitFileSource describes a file within a (possibly remote) // code repository. type GitFileSource struct { @@ -2605,6 +2659,29 @@ func (s *HttpBody) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// HttpConfig: HttpConfig is a configuration for HTTP related git operations. +type HttpConfig struct { + // ProxySecretVersionName: SecretVersion resource of the HTTP proxy URL. The + // proxy URL should be in format protocol://@]proxyhost[:port]. + ProxySecretVersionName string `json:"proxySecretVersionName,omitempty"` + // ForceSendFields is a list of field names (e.g. "ProxySecretVersionName") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ProxySecretVersionName") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *HttpConfig) MarshalJSON() ([]byte, error) { + type NoMethod HttpConfig + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // InlineSecret: Pairs a set of secret environment variables mapped to // encrypted values with the Cloud KMS key to use to decrypt the value. type InlineSecret struct { @@ -3650,6 +3727,9 @@ type Source struct { // ConnectedRepository: Optional. If provided, get the source from this 2nd-gen // Google Cloud Build repository resource. ConnectedRepository *ConnectedRepository `json:"connectedRepository,omitempty"` + // DeveloperConnectConfig: If provided, get the source from this Developer + // Connect config. + DeveloperConnectConfig *DeveloperConnectConfig `json:"developerConnectConfig,omitempty"` // GitSource: If provided, get the source from this Git repository. GitSource *GitSource `json:"gitSource,omitempty"` // RepoSource: If provided, get the source from this location in a Cloud Source diff --git a/cloudbuild/v2/cloudbuild-api.json b/cloudbuild/v2/cloudbuild-api.json index 95bca0faa67..c7868b9127c 100644 --- a/cloudbuild/v2/cloudbuild-api.json +++ b/cloudbuild/v2/cloudbuild-api.json @@ -844,7 +844,7 @@ } } }, - "revision": "20240411", + "revision": "20240427", "rootUrl": "https://cloudbuild.googleapis.com/", "schemas": { "AuditConfig": { @@ -1872,13 +1872,15 @@ "RESOLVER_NAME_UNSPECIFIED", "BUNDLES", "GCB_REPO", - "GIT" + "GIT", + "DEVELOPER_CONNECT" ], "enumDescriptions": [ "Default enum type; should not be used.", "Bundles resolver. https://tekton.dev/docs/pipelines/bundle-resolver/", "GCB repo resolver.", - "Simple Git resolver. https://tekton.dev/docs/pipelines/git-resolver/" + "Simple Git resolver. https://tekton.dev/docs/pipelines/git-resolver/", + "Developer Connect resolver." ], "type": "string" } @@ -2721,6 +2723,17 @@ "description": "Name of the container specified as a DNS_LABEL.", "type": "string" }, + "params": { + "description": "Optional. Optional parameters passed to the StepAction.", + "items": { + "$ref": "Param" + }, + "type": "array" + }, + "ref": { + "$ref": "StepRef", + "description": "Optional. Optional reference to a remote StepAction." + }, "script": { "description": "The contents of an executable file to execute.", "type": "string" @@ -2748,6 +2761,42 @@ }, "type": "object" }, + "StepRef": { + "description": "A reference to a remote Step, i.e. a StepAction.", + "id": "StepRef", + "properties": { + "name": { + "description": "Optional. Name of the step.", + "type": "string" + }, + "params": { + "description": "Optional. Parameters used to control the resolution.", + "items": { + "$ref": "Param" + }, + "type": "array" + }, + "resolver": { + "description": "Optional. Type of the resolver.", + "enum": [ + "RESOLVER_NAME_UNSPECIFIED", + "BUNDLES", + "GCB_REPO", + "GIT", + "DEVELOPER_CONNECT" + ], + "enumDescriptions": [ + "Default enum type; should not be used.", + "Bundles resolver. https://tekton.dev/docs/pipelines/bundle-resolver/", + "GCB repo resolver.", + "Simple Git resolver. https://tekton.dev/docs/pipelines/git-resolver/", + "Developer Connect resolver." + ], + "type": "string" + } + }, + "type": "object" + }, "StepTemplate": { "description": "StepTemplate can be used as the basis for all step containers within the Task, so that the steps inherit settings on the base container.", "id": "StepTemplate", @@ -2791,13 +2840,15 @@ "RESOLVER_NAME_UNSPECIFIED", "BUNDLES", "GCB_REPO", - "GIT" + "GIT", + "DEVELOPER_CONNECT" ], "enumDescriptions": [ "Default enum type; should not be used.", "Bundles resolver. https://tekton.dev/docs/pipelines/bundle-resolver/", "GCB repo resolver.", - "Simple Git resolver. https://tekton.dev/docs/pipelines/git-resolver/" + "Simple Git resolver. https://tekton.dev/docs/pipelines/git-resolver/", + "Developer Connect resolver." ], "type": "string" } @@ -2838,6 +2889,10 @@ "Object type" ], "type": "string" + }, + "value": { + "$ref": "ParamValue", + "description": "Optional. Optionally used to initialize a Task's result with a Step's result." } }, "type": "object" diff --git a/cloudbuild/v2/cloudbuild-gen.go b/cloudbuild/v2/cloudbuild-gen.go index 56179fce409..95cf04dee7f 100644 --- a/cloudbuild/v2/cloudbuild-gen.go +++ b/cloudbuild/v2/cloudbuild-gen.go @@ -1587,6 +1587,7 @@ type PipelineRef struct { // "GCB_REPO" - GCB repo resolver. // "GIT" - Simple Git resolver. // https://tekton.dev/docs/pipelines/git-resolver/ + // "DEVELOPER_CONNECT" - Developer Connect resolver. Resolver string `json:"resolver,omitempty"` // ForceSendFields is a list of field names (e.g. "Name") to unconditionally // include in API requests. By default, fields with empty or default values are @@ -2437,6 +2438,10 @@ type Step struct { Image string `json:"image,omitempty"` // Name: Name of the container specified as a DNS_LABEL. Name string `json:"name,omitempty"` + // Params: Optional. Optional parameters passed to the StepAction. + Params []*Param `json:"params,omitempty"` + // Ref: Optional. Optional reference to a remote StepAction. + Ref *StepRef `json:"ref,omitempty"` // Script: The contents of an executable file to execute. Script string `json:"script,omitempty"` // SecurityContext: Optional. SecurityContext defines the security options the @@ -2469,6 +2474,41 @@ func (s *Step) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// StepRef: A reference to a remote Step, i.e. a StepAction. +type StepRef struct { + // Name: Optional. Name of the step. + Name string `json:"name,omitempty"` + // Params: Optional. Parameters used to control the resolution. + Params []*Param `json:"params,omitempty"` + // Resolver: Optional. Type of the resolver. + // + // Possible values: + // "RESOLVER_NAME_UNSPECIFIED" - Default enum type; should not be used. + // "BUNDLES" - Bundles resolver. + // https://tekton.dev/docs/pipelines/bundle-resolver/ + // "GCB_REPO" - GCB repo resolver. + // "GIT" - Simple Git resolver. + // https://tekton.dev/docs/pipelines/git-resolver/ + // "DEVELOPER_CONNECT" - Developer Connect resolver. + Resolver string `json:"resolver,omitempty"` + // ForceSendFields is a list of field names (e.g. "Name") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Name") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *StepRef) MarshalJSON() ([]byte, error) { + type NoMethod StepRef + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // StepTemplate: StepTemplate can be used as the basis for all step containers // within the Task, so that the steps inherit settings on the base container. type StepTemplate struct { @@ -2515,6 +2555,7 @@ type TaskRef struct { // "GCB_REPO" - GCB repo resolver. // "GIT" - Simple Git resolver. // https://tekton.dev/docs/pipelines/git-resolver/ + // "DEVELOPER_CONNECT" - Developer Connect resolver. Resolver string `json:"resolver,omitempty"` // ForceSendFields is a list of field names (e.g. "Name") to unconditionally // include in API requests. By default, fields with empty or default values are @@ -2551,6 +2592,9 @@ type TaskResult struct { // "ARRAY" - Array type // "OBJECT" - Object type Type string `json:"type,omitempty"` + // Value: Optional. Optionally used to initialize a Task's result with a Step's + // result. + Value *ParamValue `json:"value,omitempty"` // ForceSendFields is a list of field names (e.g. "Description") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See diff --git a/cloudkms/v1/cloudkms-api.json b/cloudkms/v1/cloudkms-api.json index f132d919d37..2a462b65865 100644 --- a/cloudkms/v1/cloudkms-api.json +++ b/cloudkms/v1/cloudkms-api.json @@ -125,7 +125,100 @@ }, "protocol": "rest", "resources": { + "folders": { + "methods": { + "getAutokeyConfig": { + "description": "Returns the AutokeyConfig for a folder.", + "flatPath": "v1/folders/{foldersId}/autokeyConfig", + "httpMethod": "GET", + "id": "cloudkms.folders.getAutokeyConfig", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`.", + "location": "path", + "pattern": "^folders/[^/]+/autokeyConfig$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "AutokeyConfig" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloudkms" + ] + }, + "updateAutokeyConfig": { + "description": "Updates the AutokeyConfig for a folder. The caller must have both `cloudkms.autokeyConfigs.update` permission on the parent folder and `cloudkms.cryptoKeys.setIamPolicy` permission on the provided key project. An empty key project may be provided to clear the configuration.", + "flatPath": "v1/folders/{foldersId}/autokeyConfig", + "httpMethod": "PATCH", + "id": "cloudkms.folders.updateAutokeyConfig", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Identifier. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`.", + "location": "path", + "pattern": "^folders/[^/]+/autokeyConfig$", + "required": true, + "type": "string" + }, + "updateMask": { + "description": "Required. Masks which fields of the AutokeyConfig to update, e.g. `keyProject`.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "request": { + "$ref": "AutokeyConfig" + }, + "response": { + "$ref": "AutokeyConfig" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloudkms" + ] + } + } + }, "projects": { + "methods": { + "showEffectiveAutokeyConfig": { + "description": "Returns the effective Cloud KMS Autokey configuration for a given project.", + "flatPath": "v1/projects/{projectsId}:showEffectiveAutokeyConfig", + "httpMethod": "GET", + "id": "cloudkms.projects.showEffectiveAutokeyConfig", + "parameterOrder": [ + "parent" + ], + "parameters": { + "parent": { + "description": "Required. Name of the resource project to the show effective Cloud KMS Autokey configuration for. This may be helpful for interrogating the effect of nested folder configurations on a given resource project.", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}:showEffectiveAutokeyConfig", + "response": { + "$ref": "ShowEffectiveAutokeyConfigResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloudkms" + ] + } + }, "resources": { "locations": { "methods": { @@ -645,6 +738,101 @@ } } }, + "keyHandles": { + "methods": { + "create": { + "description": "Creates a new KeyHandle, triggering the provisioning of a new CryptoKey for CMEK use with the given resource type in the configured key project and the same location. GetOperation should be used to resolve the resulting long-running operation and get the resulting KeyHandle and CryptoKey.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/keyHandles", + "httpMethod": "POST", + "id": "cloudkms.projects.locations.keyHandles.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "keyHandleId": { + "description": "Optional. Id of the KeyHandle. Must be unique to the resource project and location. If not provided by the caller, a new UUID is used.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. Name of the resource project and location to create the KeyHandle in, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}/keyHandles", + "request": { + "$ref": "KeyHandle" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloudkms" + ] + }, + "get": { + "description": "Returns the KeyHandle.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/keyHandles/{keyHandlesId}", + "httpMethod": "GET", + "id": "cloudkms.projects.locations.keyHandles.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. Name of the KeyHandle resource, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}/keyHandles/{KEY_HANDLE_ID}`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/keyHandles/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "KeyHandle" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloudkms" + ] + }, + "list": { + "description": "Lists KeyHandles.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/keyHandles", + "httpMethod": "GET", + "id": "cloudkms.projects.locations.keyHandles.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. Filter to apply when listing KeyHandles, e.g. `resource_type_selector=\"{SERVICE}.googleapis.com/{TYPE}\"`.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. Name of the resource project and location from which to list KeyHandles, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}/keyHandles", + "response": { + "$ref": "ListKeyHandlesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloudkms" + ] + } + } + }, "keyRings": { "methods": { "create": { @@ -1832,13 +2020,43 @@ } } } + }, + "operations": { + "methods": { + "get": { + "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}", + "httpMethod": "GET", + "id": "cloudkms.projects.locations.operations.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "The name of the operation resource.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloudkms" + ] + } + } } } } } } }, - "revision": "20240314", + "revision": "20240425", "rootUrl": "https://cloudkms.googleapis.com/", "schemas": { "AsymmetricDecryptRequest": { @@ -2018,6 +2236,21 @@ }, "type": "object" }, + "AutokeyConfig": { + "description": "Cloud KMS Autokey configuration for a folder.", + "id": "AutokeyConfig", + "properties": { + "keyProject": { + "description": "Optional. Name of the key project, e.g. `projects/{PROJECT_ID}` or `projects/{PROJECT_NUMBER}`, where Cloud KMS Autokey will provision new CryptoKeys. On UpdateAutokeyConfig, the caller will require `cloudkms.cryptoKeys.setIamPolicy` permission on this key project. Once configured, for Cloud KMS Autokey to function properly, this key project must have the Cloud KMS API activated and the Cloud KMS Service Agent for this key project must be granted the `cloudkms.admin` role (or pertinent permissions).", + "type": "string" + }, + "name": { + "description": "Identifier. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`.", + "type": "string" + } + }, + "type": "object" + }, "Binding": { "description": "Associates `members`, or principals, with a `role`.", "id": "Binding", @@ -2238,6 +2471,7 @@ "EC_SIGN_P256_SHA256", "EC_SIGN_P384_SHA384", "EC_SIGN_SECP256K1_SHA256", + "EC_SIGN_ED25519", "HMAC_SHA256", "HMAC_SHA1", "HMAC_SHA384", @@ -2275,6 +2509,7 @@ "ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the non-NIST secp256k1 curve. This curve is only supported for HSM protection level. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", + "EdDSA on the Curve25519 in pure mode (taking data as input).", "HMAC-SHA256 signing with a 256 bit key.", "HMAC-SHA1 signing with a 160 bit key.", "HMAC-SHA384 signing with a 384 bit key.", @@ -2442,6 +2677,7 @@ "EC_SIGN_P256_SHA256", "EC_SIGN_P384_SHA384", "EC_SIGN_SECP256K1_SHA256", + "EC_SIGN_ED25519", "HMAC_SHA256", "HMAC_SHA1", "HMAC_SHA384", @@ -2479,6 +2715,7 @@ "ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the non-NIST secp256k1 curve. This curve is only supported for HSM protection level. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", + "EdDSA on the Curve25519 in pure mode (taking data as input).", "HMAC-SHA256 signing with a 256 bit key.", "HMAC-SHA1 signing with a 160 bit key.", "HMAC-SHA384 signing with a 384 bit key.", @@ -2861,6 +3098,7 @@ "EC_SIGN_P256_SHA256", "EC_SIGN_P384_SHA384", "EC_SIGN_SECP256K1_SHA256", + "EC_SIGN_ED25519", "HMAC_SHA256", "HMAC_SHA1", "HMAC_SHA384", @@ -2898,6 +3136,7 @@ "ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the non-NIST secp256k1 curve. This curve is only supported for HSM protection level. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", + "EdDSA on the Curve25519 in pure mode (taking data as input).", "HMAC-SHA256 signing with a 256 bit key.", "HMAC-SHA1 signing with a 160 bit key.", "HMAC-SHA384 signing with a 384 bit key.", @@ -3031,6 +3270,27 @@ }, "type": "object" }, + "KeyHandle": { + "description": "Resource-oriented representation of a request to Cloud KMS Autokey and the resulting provisioning of a CryptoKey.", + "id": "KeyHandle", + "properties": { + "kmsKey": { + "description": "Output only. Name of a CryptoKey that has been provisioned for Customer Managed Encryption Key (CMEK) use in the KeyHandle's project and location for the requested resource type.", + "readOnly": true, + "type": "string" + }, + "name": { + "description": "Output only. Identifier. Name of the [KeyHandle] resource, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}/keyHandles/{KEY_HANDLE_ID}`.", + "readOnly": true, + "type": "string" + }, + "resourceTypeSelector": { + "description": "Required. Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See documentation for supported resource types.", + "type": "string" + } + }, + "type": "object" + }, "KeyOperationAttestation": { "description": "Contains an HSM-generated attestation about a key operation. For more information, see [Verifying attestations] (https://cloud.google.com/kms/docs/attest-key).", "id": "KeyOperationAttestation", @@ -3174,6 +3434,20 @@ }, "type": "object" }, + "ListKeyHandlesResponse": { + "description": "Response message for Autokey.ListKeyHandles.", + "id": "ListKeyHandlesResponse", + "properties": { + "keyHandles": { + "description": "Resulting KeyHandles.", + "items": { + "$ref": "KeyHandle" + }, + "type": "array" + } + }, + "type": "object" + }, "ListKeyRingsResponse": { "description": "Response message for KeyManagementService.ListKeyRings.", "id": "ListKeyRingsResponse", @@ -3396,6 +3670,41 @@ }, "type": "object" }, + "Operation": { + "description": "This resource represents a long-running operation that is the result of a network API call.", + "id": "Operation", + "properties": { + "done": { + "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", + "type": "boolean" + }, + "error": { + "$ref": "Status", + "description": "The error result of the operation in case of failure or cancellation." + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", + "type": "object" + }, + "name": { + "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "type": "string" + }, + "response": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", + "type": "object" + } + }, + "type": "object" + }, "Policy": { "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** ``` { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time \u003c timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } ``` **YAML example:** ``` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time \u003c timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).", "id": "Policy", @@ -3463,6 +3772,7 @@ "EC_SIGN_P256_SHA256", "EC_SIGN_P384_SHA384", "EC_SIGN_SECP256K1_SHA256", + "EC_SIGN_ED25519", "HMAC_SHA256", "HMAC_SHA1", "HMAC_SHA384", @@ -3500,6 +3810,7 @@ "ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "ECDSA on the non-NIST secp256k1 curve. This curve is only supported for HSM protection level. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", + "EdDSA on the Curve25519 in pure mode (taking data as input).", "HMAC-SHA256 signing with a 256 bit key.", "HMAC-SHA1 signing with a 160 bit key.", "HMAC-SHA384 signing with a 384 bit key.", @@ -3783,6 +4094,44 @@ }, "type": "object" }, + "ShowEffectiveAutokeyConfigResponse": { + "description": "Response message for ShowEffectiveAutokeyConfig.", + "id": "ShowEffectiveAutokeyConfigResponse", + "properties": { + "keyProject": { + "description": "Name of the key project configured in the resource project's folder ancestry.", + "type": "string" + } + }, + "type": "object" + }, + "Status": { + "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", + "id": "Status", + "properties": { + "code": { + "description": "The status code, which should be an enum value of google.rpc.Code.", + "format": "int32", + "type": "integer" + }, + "details": { + "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", + "items": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "type": "object" + }, + "type": "array" + }, + "message": { + "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "type": "string" + } + }, + "type": "object" + }, "TestIamPermissionsRequest": { "description": "Request message for `TestIamPermissions` method.", "id": "TestIamPermissionsRequest", diff --git a/cloudkms/v1/cloudkms-gen.go b/cloudkms/v1/cloudkms-gen.go index 9429bd88cad..4adbf557fc6 100644 --- a/cloudkms/v1/cloudkms-gen.go +++ b/cloudkms/v1/cloudkms-gen.go @@ -147,6 +147,7 @@ func New(client *http.Client) (*Service, error) { return nil, errors.New("client is nil") } s := &Service{client: client, BasePath: basePath} + s.Folders = NewFoldersService(s) s.Projects = NewProjectsService(s) return s, nil } @@ -156,6 +157,8 @@ type Service struct { BasePath string // API endpoint base URL UserAgent string // optional additional User-Agent fragment + Folders *FoldersService + Projects *ProjectsService } @@ -166,6 +169,15 @@ func (s *Service) userAgent() string { return googleapi.UserAgent + " " + s.UserAgent } +func NewFoldersService(s *Service) *FoldersService { + rs := &FoldersService{s: s} + return rs +} + +type FoldersService struct { + s *Service +} + func NewProjectsService(s *Service) *ProjectsService { rs := &ProjectsService{s: s} rs.Locations = NewProjectsLocationsService(s) @@ -182,7 +194,9 @@ func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { rs := &ProjectsLocationsService{s: s} rs.EkmConfig = NewProjectsLocationsEkmConfigService(s) rs.EkmConnections = NewProjectsLocationsEkmConnectionsService(s) + rs.KeyHandles = NewProjectsLocationsKeyHandlesService(s) rs.KeyRings = NewProjectsLocationsKeyRingsService(s) + rs.Operations = NewProjectsLocationsOperationsService(s) return rs } @@ -193,7 +207,11 @@ type ProjectsLocationsService struct { EkmConnections *ProjectsLocationsEkmConnectionsService + KeyHandles *ProjectsLocationsKeyHandlesService + KeyRings *ProjectsLocationsKeyRingsService + + Operations *ProjectsLocationsOperationsService } func NewProjectsLocationsEkmConfigService(s *Service) *ProjectsLocationsEkmConfigService { @@ -214,6 +232,15 @@ type ProjectsLocationsEkmConnectionsService struct { s *Service } +func NewProjectsLocationsKeyHandlesService(s *Service) *ProjectsLocationsKeyHandlesService { + rs := &ProjectsLocationsKeyHandlesService{s: s} + return rs +} + +type ProjectsLocationsKeyHandlesService struct { + s *Service +} + func NewProjectsLocationsKeyRingsService(s *Service) *ProjectsLocationsKeyRingsService { rs := &ProjectsLocationsKeyRingsService{s: s} rs.CryptoKeys = NewProjectsLocationsKeyRingsCryptoKeysService(s) @@ -259,6 +286,15 @@ type ProjectsLocationsKeyRingsImportJobsService struct { s *Service } +func NewProjectsLocationsOperationsService(s *Service) *ProjectsLocationsOperationsService { + rs := &ProjectsLocationsOperationsService{s: s} + return rs +} + +type ProjectsLocationsOperationsService struct { + s *Service +} + // AsymmetricDecryptRequest: Request message for // KeyManagementService.AsymmetricDecrypt. type AsymmetricDecryptRequest struct { @@ -553,6 +589,41 @@ func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// AutokeyConfig: Cloud KMS Autokey configuration for a folder. +type AutokeyConfig struct { + // KeyProject: Optional. Name of the key project, e.g. `projects/{PROJECT_ID}` + // or `projects/{PROJECT_NUMBER}`, where Cloud KMS Autokey will provision new + // CryptoKeys. On UpdateAutokeyConfig, the caller will require + // `cloudkms.cryptoKeys.setIamPolicy` permission on this key project. Once + // configured, for Cloud KMS Autokey to function properly, this key project + // must have the Cloud KMS API activated and the Cloud KMS Service Agent for + // this key project must be granted the `cloudkms.admin` role (or pertinent + // permissions). + KeyProject string `json:"keyProject,omitempty"` + // Name: Identifier. Name of the AutokeyConfig resource, e.g. + // `folders/{FOLDER_NUMBER}/autokeyConfig`. + Name string `json:"name,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "KeyProject") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "KeyProject") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *AutokeyConfig) MarshalJSON() ([]byte, error) { + type NoMethod AutokeyConfig + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // Binding: Associates `members`, or principals, with a `role`. type Binding struct { // Condition: The condition that is associated with this binding. If the @@ -874,6 +945,8 @@ type CryptoKeyVersion struct { // curve is only supported for HSM protection level. Other hash functions can // also be used: // https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + // "EC_SIGN_ED25519" - EdDSA on the Curve25519 in pure mode (taking data as + // input). // "HMAC_SHA256" - HMAC-SHA256 signing with a 256 bit key. // "HMAC_SHA1" - HMAC-SHA1 signing with a 160 bit key. // "HMAC_SHA384" - HMAC-SHA384 signing with a 384 bit key. @@ -1053,6 +1126,8 @@ type CryptoKeyVersionTemplate struct { // curve is only supported for HSM protection level. Other hash functions can // also be used: // https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + // "EC_SIGN_ED25519" - EdDSA on the Curve25519 in pure mode (taking data as + // input). // "HMAC_SHA256" - HMAC-SHA256 signing with a 256 bit key. // "HMAC_SHA1" - HMAC-SHA1 signing with a 160 bit key. // "HMAC_SHA384" - HMAC-SHA384 signing with a 384 bit key. @@ -1654,6 +1729,8 @@ type ImportCryptoKeyVersionRequest struct { // curve is only supported for HSM protection level. Other hash functions can // also be used: // https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + // "EC_SIGN_ED25519" - EdDSA on the Curve25519 in pure mode (taking data as + // input). // "HMAC_SHA256" - HMAC-SHA256 signing with a 256 bit key. // "HMAC_SHA1" - HMAC-SHA1 signing with a 160 bit key. // "HMAC_SHA384" - HMAC-SHA384 signing with a 384 bit key. @@ -1845,6 +1922,42 @@ func (s *ImportJob) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// KeyHandle: Resource-oriented representation of a request to Cloud KMS +// Autokey and the resulting provisioning of a CryptoKey. +type KeyHandle struct { + // KmsKey: Output only. Name of a CryptoKey that has been provisioned for + // Customer Managed Encryption Key (CMEK) use in the KeyHandle's project and + // location for the requested resource type. + KmsKey string `json:"kmsKey,omitempty"` + // Name: Output only. Identifier. Name of the [KeyHandle] resource, e.g. + // `projects/{PROJECT_ID}/locations/{LOCATION}/keyHandles/{KEY_HANDLE_ID}`. + Name string `json:"name,omitempty"` + // ResourceTypeSelector: Required. Indicates the resource type that the + // resulting CryptoKey is meant to protect, e.g. + // `{SERVICE}.googleapis.com/{TYPE}`. See documentation for supported resource + // types. + ResourceTypeSelector string `json:"resourceTypeSelector,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "KmsKey") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "KmsKey") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *KeyHandle) MarshalJSON() ([]byte, error) { + type NoMethod KeyHandle + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // KeyOperationAttestation: Contains an HSM-generated attestation about a key // operation. For more information, see [Verifying attestations] // (https://cloud.google.com/kms/docs/attest-key). @@ -2036,6 +2149,31 @@ func (s *ListImportJobsResponse) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// ListKeyHandlesResponse: Response message for Autokey.ListKeyHandles. +type ListKeyHandlesResponse struct { + // KeyHandles: Resulting KeyHandles. + KeyHandles []*KeyHandle `json:"keyHandles,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "KeyHandles") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "KeyHandles") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *ListKeyHandlesResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListKeyHandlesResponse + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // ListKeyRingsResponse: Response message for // KeyManagementService.ListKeyRings. type ListKeyRingsResponse struct { @@ -2364,6 +2502,53 @@ func (s *MacVerifyResponse) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// Operation: This resource represents a long-running operation that is the +// result of a network API call. +type Operation struct { + // Done: If the value is `false`, it means the operation is still in progress. + // If `true`, the operation is completed, and either `error` or `response` is + // available. + Done bool `json:"done,omitempty"` + // Error: The error result of the operation in case of failure or cancellation. + Error *Status `json:"error,omitempty"` + // Metadata: Service-specific metadata associated with the operation. It + // typically contains progress information and common metadata such as create + // time. Some services might not provide such metadata. Any method that returns + // a long-running operation should document the metadata type, if any. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + // Name: The server-assigned name, which is only unique within the same service + // that originally returns it. If you use the default HTTP mapping, the `name` + // should be a resource name ending with `operations/{unique_id}`. + Name string `json:"name,omitempty"` + // Response: The normal, successful response of the operation. If the original + // method returns no data on success, such as `Delete`, the response is + // `google.protobuf.Empty`. If the original method is standard + // `Get`/`Create`/`Update`, the response should be the resource. For other + // methods, the response should have the type `XxxResponse`, where `Xxx` is the + // original method name. For example, if the original method name is + // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. + Response googleapi.RawMessage `json:"response,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "Done") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Done") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *Operation) MarshalJSON() ([]byte, error) { + type NoMethod Operation + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // Policy: An Identity and Access Management (IAM) policy, which specifies // access controls for Google Cloud resources. A `Policy` is a collection of // `bindings`. A `binding` binds one or more `members`, or principals, to a @@ -2509,6 +2694,8 @@ type PublicKey struct { // curve is only supported for HSM protection level. Other hash functions can // also be used: // https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + // "EC_SIGN_ED25519" - EdDSA on the Curve25519 in pure mode (taking data as + // input). // "HMAC_SHA256" - HMAC-SHA256 signing with a 256 bit key. // "HMAC_SHA1" - HMAC-SHA1 signing with a 160 bit key. // "HMAC_SHA384" - HMAC-SHA384 signing with a 384 bit key. @@ -2965,6 +3152,67 @@ func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// ShowEffectiveAutokeyConfigResponse: Response message for +// ShowEffectiveAutokeyConfig. +type ShowEffectiveAutokeyConfigResponse struct { + // KeyProject: Name of the key project configured in the resource project's + // folder ancestry. + KeyProject string `json:"keyProject,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "KeyProject") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "KeyProject") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *ShowEffectiveAutokeyConfigResponse) MarshalJSON() ([]byte, error) { + type NoMethod ShowEffectiveAutokeyConfigResponse + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + +// Status: The `Status` type defines a logical error model that is suitable for +// different programming environments, including REST APIs and RPC APIs. It is +// used by gRPC (https://github.com/grpc). Each `Status` message contains three +// pieces of data: error code, error message, and error details. You can find +// out more about this error model and how to work with it in the API Design +// Guide (https://cloud.google.com/apis/design/errors). +type Status struct { + // Code: The status code, which should be an enum value of google.rpc.Code. + Code int64 `json:"code,omitempty"` + // Details: A list of messages that carry the error details. There is a common + // set of message types for APIs to use. + Details []googleapi.RawMessage `json:"details,omitempty"` + // Message: A developer-facing error message, which should be in English. Any + // user-facing error message should be localized and sent in the + // google.rpc.Status.details field, or localized by the client. + Message string `json:"message,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *Status) MarshalJSON() ([]byte, error) { + type NoMethod Status + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // TestIamPermissionsRequest: Request message for `TestIamPermissions` method. type TestIamPermissionsRequest struct { // Permissions: The set of permissions to check for the `resource`. Permissions @@ -3075,79 +3323,83 @@ func (s *WrappingPublicKey) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } -type ProjectsLocationsGenerateRandomBytesCall struct { - s *Service - location string - generaterandombytesrequest *GenerateRandomBytesRequest - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type FoldersGetAutokeyConfigCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// GenerateRandomBytes: Generate random bytes using the Cloud KMS randomness -// source in the provided location. +// GetAutokeyConfig: Returns the AutokeyConfig for a folder. // -// - location: The project-specific location in which to generate random bytes. -// For example, "projects/my-project/locations/us-central1". -func (r *ProjectsLocationsService) GenerateRandomBytes(location string, generaterandombytesrequest *GenerateRandomBytesRequest) *ProjectsLocationsGenerateRandomBytesCall { - c := &ProjectsLocationsGenerateRandomBytesCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.location = location - c.generaterandombytesrequest = generaterandombytesrequest +// - name: Name of the AutokeyConfig resource, e.g. +// `folders/{FOLDER_NUMBER}/autokeyConfig`. +func (r *FoldersService) GetAutokeyConfig(name string) *FoldersGetAutokeyConfigCall { + c := &FoldersGetAutokeyConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsGenerateRandomBytesCall) Fields(s ...googleapi.Field) *ProjectsLocationsGenerateRandomBytesCall { +func (c *FoldersGetAutokeyConfigCall) Fields(s ...googleapi.Field) *FoldersGetAutokeyConfigCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *FoldersGetAutokeyConfigCall) IfNoneMatch(entityTag string) *FoldersGetAutokeyConfigCall { + c.ifNoneMatch_ = entityTag + return c +} + // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsGenerateRandomBytesCall) Context(ctx context.Context) *ProjectsLocationsGenerateRandomBytesCall { +func (c *FoldersGetAutokeyConfigCall) Context(ctx context.Context) *FoldersGetAutokeyConfigCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsGenerateRandomBytesCall) Header() http.Header { +func (c *FoldersGetAutokeyConfigCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsGenerateRandomBytesCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) - var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.generaterandombytesrequest) - if err != nil { - return nil, err +func (c *FoldersGetAutokeyConfigCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } + var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+location}:generateRandomBytes") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) + req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "location": c.location, + "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.generateRandomBytes" call. +// Do executes the "cloudkms.folders.getAutokeyConfig" call. // Any non-2xx status code is an error. Response headers are in either -// *GenerateRandomBytesResponse.ServerResponse.Header or (if a response was -// returned at all) in error.(*googleapi.Error).Header. Use -// googleapi.IsNotModified to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *ProjectsLocationsGenerateRandomBytesCall) Do(opts ...googleapi.CallOption) (*GenerateRandomBytesResponse, error) { +// *AutokeyConfig.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *FoldersGetAutokeyConfigCall) Do(opts ...googleapi.CallOption) (*AutokeyConfig, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3166,7 +3418,7 @@ func (c *ProjectsLocationsGenerateRandomBytesCall) Do(opts ...googleapi.CallOpti if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &GenerateRandomBytesResponse{ + ret := &AutokeyConfig{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3179,66 +3431,71 @@ func (c *ProjectsLocationsGenerateRandomBytesCall) Do(opts ...googleapi.CallOpti return ret, nil } -type ProjectsLocationsGetCall struct { - s *Service - name string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header +type FoldersUpdateAutokeyConfigCall struct { + s *Service + name string + autokeyconfig *AutokeyConfig + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// Get: Gets information about a location. +// UpdateAutokeyConfig: Updates the AutokeyConfig for a folder. The caller must +// have both `cloudkms.autokeyConfigs.update` permission on the parent folder +// and `cloudkms.cryptoKeys.setIamPolicy` permission on the provided key +// project. An empty key project may be provided to clear the configuration. // -// - name: Resource name for the location. -func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { - c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - name: Identifier. Name of the AutokeyConfig resource, e.g. +// `folders/{FOLDER_NUMBER}/autokeyConfig`. +func (r *FoldersService) UpdateAutokeyConfig(name string, autokeyconfig *AutokeyConfig) *FoldersUpdateAutokeyConfigCall { + c := &FoldersUpdateAutokeyConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name + c.autokeyconfig = autokeyconfig + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. Masks which +// fields of the AutokeyConfig to update, e.g. `keyProject`. +func (c *FoldersUpdateAutokeyConfigCall) UpdateMask(updateMask string) *FoldersUpdateAutokeyConfigCall { + c.urlParams_.Set("updateMask", updateMask) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { +func (c *FoldersUpdateAutokeyConfigCall) Fields(s ...googleapi.Field) *FoldersUpdateAutokeyConfigCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } -// IfNoneMatch sets an optional parameter which makes the operation fail if the -// object's ETag matches the given value. This is useful for getting updates -// only after the object has changed since the last request. -func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { - c.ifNoneMatch_ = entityTag - return c -} - // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { +func (c *FoldersUpdateAutokeyConfigCall) Context(ctx context.Context) *FoldersUpdateAutokeyConfigCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsGetCall) Header() http.Header { +func (c *FoldersUpdateAutokeyConfigCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) - if c.ifNoneMatch_ != "" { - reqHeaders.Set("If-None-Match", c.ifNoneMatch_) - } +func (c *FoldersUpdateAutokeyConfigCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.autokeyconfig) + if err != nil { + return nil, err + } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("GET", urls, body) + req, err := http.NewRequest("PATCH", urls, body) if err != nil { return nil, err } @@ -3249,12 +3506,12 @@ func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.get" call. +// Do executes the "cloudkms.folders.updateAutokeyConfig" call. // Any non-2xx status code is an error. Response headers are in either -// *Location.ServerResponse.Header or (if a response was returned at all) in -// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// *AutokeyConfig.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { +func (c *FoldersUpdateAutokeyConfigCall) Do(opts ...googleapi.CallOption) (*AutokeyConfig, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3273,7 +3530,7 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Location{ + ret := &AutokeyConfig{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3286,29 +3543,31 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, return ret, nil } -type ProjectsLocationsGetEkmConfigCall struct { +type ProjectsShowEffectiveAutokeyConfigCall struct { s *Service - name string + parent string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } -// GetEkmConfig: Returns the EkmConfig singleton resource for a given project -// and location. +// ShowEffectiveAutokeyConfig: Returns the effective Cloud KMS Autokey +// configuration for a given project. // -// - name: The name of the EkmConfig to get. -func (r *ProjectsLocationsService) GetEkmConfig(name string) *ProjectsLocationsGetEkmConfigCall { - c := &ProjectsLocationsGetEkmConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name +// - parent: Name of the resource project to the show effective Cloud KMS +// Autokey configuration for. This may be helpful for interrogating the +// effect of nested folder configurations on a given resource project. +func (r *ProjectsService) ShowEffectiveAutokeyConfig(parent string) *ProjectsShowEffectiveAutokeyConfigCall { + c := &ProjectsShowEffectiveAutokeyConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsGetEkmConfigCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetEkmConfigCall { +func (c *ProjectsShowEffectiveAutokeyConfigCall) Fields(s ...googleapi.Field) *ProjectsShowEffectiveAutokeyConfigCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -3316,27 +3575,27 @@ func (c *ProjectsLocationsGetEkmConfigCall) Fields(s ...googleapi.Field) *Projec // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsGetEkmConfigCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetEkmConfigCall { +func (c *ProjectsShowEffectiveAutokeyConfigCall) IfNoneMatch(entityTag string) *ProjectsShowEffectiveAutokeyConfigCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsGetEkmConfigCall) Context(ctx context.Context) *ProjectsLocationsGetEkmConfigCall { +func (c *ProjectsShowEffectiveAutokeyConfigCall) Context(ctx context.Context) *ProjectsShowEffectiveAutokeyConfigCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsGetEkmConfigCall) Header() http.Header { +func (c *ProjectsShowEffectiveAutokeyConfigCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsGetEkmConfigCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsShowEffectiveAutokeyConfigCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -3344,7 +3603,7 @@ func (c *ProjectsLocationsGetEkmConfigCall) doRequest(alt string) (*http.Respons var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}:showEffectiveAutokeyConfig") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -3352,17 +3611,18 @@ func (c *ProjectsLocationsGetEkmConfigCall) doRequest(alt string) (*http.Respons } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "name": c.name, + "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.getEkmConfig" call. +// Do executes the "cloudkms.projects.showEffectiveAutokeyConfig" call. // Any non-2xx status code is an error. Response headers are in either -// *EkmConfig.ServerResponse.Header or (if a response was returned at all) in -// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check -// whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsGetEkmConfigCall) Do(opts ...googleapi.CallOption) (*EkmConfig, error) { +// *ShowEffectiveAutokeyConfigResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsShowEffectiveAutokeyConfigCall) Do(opts ...googleapi.CallOption) (*ShowEffectiveAutokeyConfigResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3381,7 +3641,7 @@ func (c *ProjectsLocationsGetEkmConfigCall) Do(opts ...googleapi.CallOption) (*E if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &EkmConfig{ + ret := &ShowEffectiveAutokeyConfigResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3394,107 +3654,79 @@ func (c *ProjectsLocationsGetEkmConfigCall) Do(opts ...googleapi.CallOption) (*E return ret, nil } -type ProjectsLocationsListCall struct { - s *Service - name string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header +type ProjectsLocationsGenerateRandomBytesCall struct { + s *Service + location string + generaterandombytesrequest *GenerateRandomBytesRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// List: Lists information about the supported locations for this service. +// GenerateRandomBytes: Generate random bytes using the Cloud KMS randomness +// source in the provided location. // -// - name: The resource that owns the locations collection, if applicable. -func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { - c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name - return c -} - -// Filter sets the optional parameter "filter": A filter to narrow down results -// to a preferred subset. The filtering language accepts strings like -// "displayName=tokyo", and is documented in more detail in AIP-160 -// (https://google.aip.dev/160). -func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { - c.urlParams_.Set("filter", filter) - return c -} - -// PageSize sets the optional parameter "pageSize": The maximum number of -// results to return. If not set, the service selects a default. -func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { - c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) - return c -} - -// PageToken sets the optional parameter "pageToken": A page token received -// from the `next_page_token` field in the response. Send that page token to -// receive the subsequent page. -func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { - c.urlParams_.Set("pageToken", pageToken) +// - location: The project-specific location in which to generate random bytes. +// For example, "projects/my-project/locations/us-central1". +func (r *ProjectsLocationsService) GenerateRandomBytes(location string, generaterandombytesrequest *GenerateRandomBytesRequest) *ProjectsLocationsGenerateRandomBytesCall { + c := &ProjectsLocationsGenerateRandomBytesCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.location = location + c.generaterandombytesrequest = generaterandombytesrequest return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { +func (c *ProjectsLocationsGenerateRandomBytesCall) Fields(s ...googleapi.Field) *ProjectsLocationsGenerateRandomBytesCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } -// IfNoneMatch sets an optional parameter which makes the operation fail if the -// object's ETag matches the given value. This is useful for getting updates -// only after the object has changed since the last request. -func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { - c.ifNoneMatch_ = entityTag - return c -} - // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { +func (c *ProjectsLocationsGenerateRandomBytesCall) Context(ctx context.Context) *ProjectsLocationsGenerateRandomBytesCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsListCall) Header() http.Header { +func (c *ProjectsLocationsGenerateRandomBytesCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) - if c.ifNoneMatch_ != "" { - reqHeaders.Set("If-None-Match", c.ifNoneMatch_) - } +func (c *ProjectsLocationsGenerateRandomBytesCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.generaterandombytesrequest) + if err != nil { + return nil, err + } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/locations") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+location}:generateRandomBytes") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("GET", urls, body) + req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "name": c.name, + "location": c.location, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.list" call. +// Do executes the "cloudkms.projects.locations.generateRandomBytes" call. // Any non-2xx status code is an error. Response headers are in either -// *ListLocationsResponse.ServerResponse.Header or (if a response was returned -// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to -// check whether the returned error was because http.StatusNotModified was -// returned. -func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { +// *GenerateRandomBytesResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsGenerateRandomBytesCall) Do(opts ...googleapi.CallOption) (*GenerateRandomBytesResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3513,7 +3745,7 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &ListLocationsResponse{ + ret := &GenerateRandomBytesResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3526,90 +3758,66 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat return ret, nil } -// Pages invokes f for each page of results. -// A non-nil error returned from f will halt the iteration. -// The provided context supersedes any context provided to the Context method. -func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { - c.ctx_ = ctx - defer c.PageToken(c.urlParams_.Get("pageToken")) - for { - x, err := c.Do() - if err != nil { - return err - } - if err := f(x); err != nil { - return err - } - if x.NextPageToken == "" { - return nil - } - c.PageToken(x.NextPageToken) - } -} - -type ProjectsLocationsUpdateEkmConfigCall struct { - s *Service - name string - ekmconfig *EkmConfig - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ProjectsLocationsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// UpdateEkmConfig: Updates the EkmConfig singleton resource for a given -// project and location. +// Get: Gets information about a location. // -// - name: Output only. The resource name for the EkmConfig in the format -// `projects/*/locations/*/ekmConfig`. -func (r *ProjectsLocationsService) UpdateEkmConfig(name string, ekmconfig *EkmConfig) *ProjectsLocationsUpdateEkmConfigCall { - c := &ProjectsLocationsUpdateEkmConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - name: Resource name for the location. +func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { + c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name - c.ekmconfig = ekmconfig - return c -} - -// UpdateMask sets the optional parameter "updateMask": Required. List of -// fields to be updated in this request. -func (c *ProjectsLocationsUpdateEkmConfigCall) UpdateMask(updateMask string) *ProjectsLocationsUpdateEkmConfigCall { - c.urlParams_.Set("updateMask", updateMask) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsUpdateEkmConfigCall) Fields(s ...googleapi.Field) *ProjectsLocationsUpdateEkmConfigCall { +func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsUpdateEkmConfigCall) Context(ctx context.Context) *ProjectsLocationsUpdateEkmConfigCall { +func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsUpdateEkmConfigCall) Header() http.Header { +func (c *ProjectsLocationsGetCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsUpdateEkmConfigCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) - var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.ekmconfig) - if err != nil { - return nil, err +func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } + var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("PATCH", urls, body) + req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } @@ -3620,12 +3828,12 @@ func (c *ProjectsLocationsUpdateEkmConfigCall) doRequest(alt string) (*http.Resp return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.updateEkmConfig" call. +// Do executes the "cloudkms.projects.locations.get" call. // Any non-2xx status code is an error. Response headers are in either -// *EkmConfig.ServerResponse.Header or (if a response was returned at all) in +// *Location.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsUpdateEkmConfigCall) Do(opts ...googleapi.CallOption) (*EkmConfig, error) { +func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3644,7 +3852,7 @@ func (c *ProjectsLocationsUpdateEkmConfigCall) Do(opts ...googleapi.CallOption) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &EkmConfig{ + ret := &Location{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3657,48 +3865,29 @@ func (c *ProjectsLocationsUpdateEkmConfigCall) Do(opts ...googleapi.CallOption) return ret, nil } -type ProjectsLocationsEkmConfigGetIamPolicyCall struct { +type ProjectsLocationsGetEkmConfigCall struct { s *Service - resource string + name string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } -// GetIamPolicy: Gets the access control policy for a resource. Returns an -// empty policy if the resource exists and does not have a policy set. +// GetEkmConfig: Returns the EkmConfig singleton resource for a given project +// and location. // -// - resource: REQUIRED: The resource for which the policy is being requested. -// See Resource names (https://cloud.google.com/apis/design/resource_names) -// for the appropriate value for this field. -func (r *ProjectsLocationsEkmConfigService) GetIamPolicy(resource string) *ProjectsLocationsEkmConfigGetIamPolicyCall { - c := &ProjectsLocationsEkmConfigGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.resource = resource - return c -} - -// OptionsRequestedPolicyVersion sets the optional parameter -// "options.requestedPolicyVersion": The maximum policy version that will be -// used to format the policy. Valid values are 0, 1, and 3. Requests specifying -// an invalid value will be rejected. Requests for policies with any -// conditional role bindings must specify version 3. Policies with no -// conditional role bindings may specify any valid value or leave the field -// unset. The policy in the response might use the policy version that you -// specified, or it might use a lower policy version. For example, if you -// specify version 3, but the policy has no conditional role bindings, the -// response uses version 1. To learn which resources support conditions in -// their IAM policies, see the IAM documentation -// (https://cloud.google.com/iam/help/conditions/resource-policies). -func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsEkmConfigGetIamPolicyCall { - c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) +// - name: The name of the EkmConfig to get. +func (r *ProjectsLocationsService) GetEkmConfig(name string) *ProjectsLocationsGetEkmConfigCall { + c := &ProjectsLocationsGetEkmConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConfigGetIamPolicyCall { +func (c *ProjectsLocationsGetEkmConfigCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetEkmConfigCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -3706,27 +3895,27 @@ func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Fields(s ...googleapi.Field // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConfigGetIamPolicyCall { +func (c *ProjectsLocationsGetEkmConfigCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetEkmConfigCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConfigGetIamPolicyCall { +func (c *ProjectsLocationsGetEkmConfigCall) Context(ctx context.Context) *ProjectsLocationsGetEkmConfigCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Header() http.Header { +func (c *ProjectsLocationsGetEkmConfigCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsGetEkmConfigCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -3734,7 +3923,7 @@ func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) doRequest(alt string) (*htt var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -3742,17 +3931,17 @@ func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) doRequest(alt string) (*htt } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "resource": c.resource, + "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConfig.getIamPolicy" call. +// Do executes the "cloudkms.projects.locations.getEkmConfig" call. // Any non-2xx status code is an error. Response headers are in either -// *Policy.ServerResponse.Header or (if a response was returned at all) in +// *EkmConfig.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { +func (c *ProjectsLocationsGetEkmConfigCall) Do(opts ...googleapi.CallOption) (*EkmConfig, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3771,7 +3960,7 @@ func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Do(opts ...googleapi.CallOp if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Policy{ + ret := &EkmConfig{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3784,80 +3973,107 @@ func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Do(opts ...googleapi.CallOp return ret, nil } -type ProjectsLocationsEkmConfigSetIamPolicyCall struct { - s *Service - resource string - setiampolicyrequest *SetIamPolicyRequest - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ProjectsLocationsListCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// SetIamPolicy: Sets the access control policy on the specified resource. -// Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, -// and `PERMISSION_DENIED` errors. +// List: Lists information about the supported locations for this service. // -// - resource: REQUIRED: The resource for which the policy is being specified. -// See Resource names (https://cloud.google.com/apis/design/resource_names) -// for the appropriate value for this field. -func (r *ProjectsLocationsEkmConfigService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsEkmConfigSetIamPolicyCall { - c := &ProjectsLocationsEkmConfigSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.resource = resource - c.setiampolicyrequest = setiampolicyrequest +// - name: The resource that owns the locations collection, if applicable. +func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { + c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Filter sets the optional parameter "filter": A filter to narrow down results +// to a preferred subset. The filtering language accepts strings like +// "displayName=tokyo", and is documented in more detail in AIP-160 +// (https://google.aip.dev/160). +func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { + c.urlParams_.Set("filter", filter) + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number of +// results to return. If not set, the service selects a default. +func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A page token received +// from the `next_page_token` field in the response. Send that page token to +// receive the subsequent page. +func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { + c.urlParams_.Set("pageToken", pageToken) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConfigSetIamPolicyCall { +func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { + c.ifNoneMatch_ = entityTag + return c +} + // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConfigSetIamPolicyCall { +func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Header() http.Header { +func (c *ProjectsLocationsListCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) - var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) - if err != nil { - return nil, err +func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } + var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/locations") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) + req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "resource": c.resource, + "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConfig.setIamPolicy" call. +// Do executes the "cloudkms.projects.locations.list" call. // Any non-2xx status code is an error. Response headers are in either -// *Policy.ServerResponse.Header or (if a response was returned at all) in -// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check -// whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { +// *ListLocationsResponse.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3876,7 +4092,7 @@ func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Do(opts ...googleapi.CallOp if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Policy{ + ret := &ListLocationsResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3889,84 +4105,106 @@ func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Do(opts ...googleapi.CallOp return ret, nil } -type ProjectsLocationsEkmConfigTestIamPermissionsCall struct { - s *Service - resource string - testiampermissionsrequest *TestIamPermissionsRequest - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } } -// TestIamPermissions: Returns permissions that a caller has on the specified -// resource. If the resource does not exist, this will return an empty set of -// permissions, not a `NOT_FOUND` error. Note: This operation is designed to be -// used for building permission-aware UIs and command-line tools, not for -// authorization checking. This operation may "fail open" without warning. +type ProjectsLocationsUpdateEkmConfigCall struct { + s *Service + name string + ekmconfig *EkmConfig + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// UpdateEkmConfig: Updates the EkmConfig singleton resource for a given +// project and location. // -// - resource: REQUIRED: The resource for which the policy detail is being -// requested. See Resource names -// (https://cloud.google.com/apis/design/resource_names) for the appropriate -// value for this field. -func (r *ProjectsLocationsEkmConfigService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsEkmConfigTestIamPermissionsCall { - c := &ProjectsLocationsEkmConfigTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.resource = resource - c.testiampermissionsrequest = testiampermissionsrequest +// - name: Output only. The resource name for the EkmConfig in the format +// `projects/*/locations/*/ekmConfig`. +func (r *ProjectsLocationsService) UpdateEkmConfig(name string, ekmconfig *EkmConfig) *ProjectsLocationsUpdateEkmConfigCall { + c := &ProjectsLocationsUpdateEkmConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.ekmconfig = ekmconfig + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. List of +// fields to be updated in this request. +func (c *ProjectsLocationsUpdateEkmConfigCall) UpdateMask(updateMask string) *ProjectsLocationsUpdateEkmConfigCall { + c.urlParams_.Set("updateMask", updateMask) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConfigTestIamPermissionsCall { +func (c *ProjectsLocationsUpdateEkmConfigCall) Fields(s ...googleapi.Field) *ProjectsLocationsUpdateEkmConfigCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsEkmConfigTestIamPermissionsCall { +func (c *ProjectsLocationsUpdateEkmConfigCall) Context(ctx context.Context) *ProjectsLocationsUpdateEkmConfigCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Header() http.Header { +func (c *ProjectsLocationsUpdateEkmConfigCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsUpdateEkmConfigCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + body, err := googleapi.WithoutDataWrapper.JSONReader(c.ekmconfig) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) + req, err := http.NewRequest("PATCH", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "resource": c.resource, + "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConfig.testIamPermissions" call. +// Do executes the "cloudkms.projects.locations.updateEkmConfig" call. // Any non-2xx status code is an error. Response headers are in either -// *TestIamPermissionsResponse.ServerResponse.Header or (if a response was -// returned at all) in error.(*googleapi.Error).Header. Use -// googleapi.IsNotModified to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { +// *EkmConfig.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsUpdateEkmConfigCall) Do(opts ...googleapi.CallOption) (*EkmConfig, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -3985,7 +4223,7 @@ func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Do(opts ...googleapi. if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &TestIamPermissionsResponse{ + ret := &EkmConfig{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -3998,85 +4236,102 @@ func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Do(opts ...googleapi. return ret, nil } -type ProjectsLocationsEkmConnectionsCreateCall struct { - s *Service - parent string - ekmconnection *EkmConnection - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ProjectsLocationsEkmConfigGetIamPolicyCall struct { + s *Service + resource string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// Create: Creates a new EkmConnection in a given Project and Location. +// GetIamPolicy: Gets the access control policy for a resource. Returns an +// empty policy if the resource exists and does not have a policy set. // -// - parent: The resource name of the location associated with the -// EkmConnection, in the format `projects/*/locations/*`. -func (r *ProjectsLocationsEkmConnectionsService) Create(parent string, ekmconnection *EkmConnection) *ProjectsLocationsEkmConnectionsCreateCall { - c := &ProjectsLocationsEkmConnectionsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.parent = parent - c.ekmconnection = ekmconnection +// - resource: REQUIRED: The resource for which the policy is being requested. +// See Resource names (https://cloud.google.com/apis/design/resource_names) +// for the appropriate value for this field. +func (r *ProjectsLocationsEkmConfigService) GetIamPolicy(resource string) *ProjectsLocationsEkmConfigGetIamPolicyCall { + c := &ProjectsLocationsEkmConfigGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource return c } -// EkmConnectionId sets the optional parameter "ekmConnectionId": Required. It -// must be unique within a location and match the regular expression -// `[a-zA-Z0-9_-]{1,63}`. -func (c *ProjectsLocationsEkmConnectionsCreateCall) EkmConnectionId(ekmConnectionId string) *ProjectsLocationsEkmConnectionsCreateCall { - c.urlParams_.Set("ekmConnectionId", ekmConnectionId) +// OptionsRequestedPolicyVersion sets the optional parameter +// "options.requestedPolicyVersion": The maximum policy version that will be +// used to format the policy. Valid values are 0, 1, and 3. Requests specifying +// an invalid value will be rejected. Requests for policies with any +// conditional role bindings must specify version 3. Policies with no +// conditional role bindings may specify any valid value or leave the field +// unset. The policy in the response might use the policy version that you +// specified, or it might use a lower policy version. For example, if you +// specify version 3, but the policy has no conditional role bindings, the +// response uses version 1. To learn which resources support conditions in +// their IAM policies, see the IAM documentation +// (https://cloud.google.com/iam/help/conditions/resource-policies). +func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsEkmConfigGetIamPolicyCall { + c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsCreateCall { +func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConfigGetIamPolicyCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConfigGetIamPolicyCall { + c.ifNoneMatch_ = entityTag + return c +} + // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsCreateCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsCreateCall { +func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConfigGetIamPolicyCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsCreateCall) Header() http.Header { +func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConnectionsCreateCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) - var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.ekmconnection) - if err != nil { - return nil, err +func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } + var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/ekmConnections") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) + req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "parent": c.parent, + "resource": c.resource, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.create" call. +// Do executes the "cloudkms.projects.locations.ekmConfig.getIamPolicy" call. // Any non-2xx status code is an error. Response headers are in either -// *EkmConnection.ServerResponse.Header or (if a response was returned at all) -// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// *Policy.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsCreateCall) Do(opts ...googleapi.CallOption) (*EkmConnection, error) { +func (c *ProjectsLocationsEkmConfigGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4095,7 +4350,7 @@ func (c *ProjectsLocationsEkmConnectionsCreateCall) Do(opts ...googleapi.CallOpt if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &EkmConnection{ + ret := &Policy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -4108,82 +4363,80 @@ func (c *ProjectsLocationsEkmConnectionsCreateCall) Do(opts ...googleapi.CallOpt return ret, nil } -type ProjectsLocationsEkmConnectionsGetCall struct { - s *Service - name string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header +type ProjectsLocationsEkmConfigSetIamPolicyCall struct { + s *Service + resource string + setiampolicyrequest *SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// Get: Returns metadata for a given EkmConnection. +// SetIamPolicy: Sets the access control policy on the specified resource. +// Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, +// and `PERMISSION_DENIED` errors. // -// - name: The name of the EkmConnection to get. -func (r *ProjectsLocationsEkmConnectionsService) Get(name string) *ProjectsLocationsEkmConnectionsGetCall { - c := &ProjectsLocationsEkmConnectionsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name +// - resource: REQUIRED: The resource for which the policy is being specified. +// See Resource names (https://cloud.google.com/apis/design/resource_names) +// for the appropriate value for this field. +func (r *ProjectsLocationsEkmConfigService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsEkmConfigSetIamPolicyCall { + c := &ProjectsLocationsEkmConfigSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.setiampolicyrequest = setiampolicyrequest return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsGetCall { +func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConfigSetIamPolicyCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } -// IfNoneMatch sets an optional parameter which makes the operation fail if the -// object's ETag matches the given value. This is useful for getting updates -// only after the object has changed since the last request. -func (c *ProjectsLocationsEkmConnectionsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsGetCall { - c.ifNoneMatch_ = entityTag - return c -} - // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsGetCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsGetCall { +func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConfigSetIamPolicyCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsGetCall) Header() http.Header { +func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConnectionsGetCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) - if c.ifNoneMatch_ != "" { - reqHeaders.Set("If-None-Match", c.ifNoneMatch_) - } +func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + if err != nil { + return nil, err + } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("GET", urls, body) + req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "name": c.name, + "resource": c.resource, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.get" call. +// Do executes the "cloudkms.projects.locations.ekmConfig.setIamPolicy" call. // Any non-2xx status code is an error. Response headers are in either -// *EkmConnection.ServerResponse.Header or (if a response was returned at all) -// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// *Policy.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsGetCall) Do(opts ...googleapi.CallOption) (*EkmConnection, error) { +func (c *ProjectsLocationsEkmConfigSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4202,7 +4455,7 @@ func (c *ProjectsLocationsEkmConnectionsGetCall) Do(opts ...googleapi.CallOption if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &EkmConnection{ + ret := &Policy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -4215,86 +4468,67 @@ func (c *ProjectsLocationsEkmConnectionsGetCall) Do(opts ...googleapi.CallOption return ret, nil } -type ProjectsLocationsEkmConnectionsGetIamPolicyCall struct { - s *Service - resource string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header +type ProjectsLocationsEkmConfigTestIamPermissionsCall struct { + s *Service + resource string + testiampermissionsrequest *TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// GetIamPolicy: Gets the access control policy for a resource. Returns an -// empty policy if the resource exists and does not have a policy set. +// TestIamPermissions: Returns permissions that a caller has on the specified +// resource. If the resource does not exist, this will return an empty set of +// permissions, not a `NOT_FOUND` error. Note: This operation is designed to be +// used for building permission-aware UIs and command-line tools, not for +// authorization checking. This operation may "fail open" without warning. // -// - resource: REQUIRED: The resource for which the policy is being requested. -// See Resource names (https://cloud.google.com/apis/design/resource_names) -// for the appropriate value for this field. -func (r *ProjectsLocationsEkmConnectionsService) GetIamPolicy(resource string) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { - c := &ProjectsLocationsEkmConnectionsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - resource: REQUIRED: The resource for which the policy detail is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the appropriate +// value for this field. +func (r *ProjectsLocationsEkmConfigService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsEkmConfigTestIamPermissionsCall { + c := &ProjectsLocationsEkmConfigTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.resource = resource - return c -} - -// OptionsRequestedPolicyVersion sets the optional parameter -// "options.requestedPolicyVersion": The maximum policy version that will be -// used to format the policy. Valid values are 0, 1, and 3. Requests specifying -// an invalid value will be rejected. Requests for policies with any -// conditional role bindings must specify version 3. Policies with no -// conditional role bindings may specify any valid value or leave the field -// unset. The policy in the response might use the policy version that you -// specified, or it might use a lower policy version. For example, if you -// specify version 3, but the policy has no conditional role bindings, the -// response uses version 1. To learn which resources support conditions in -// their IAM policies, see the IAM documentation -// (https://cloud.google.com/iam/help/conditions/resource-policies). -func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { - c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) + c.testiampermissionsrequest = testiampermissionsrequest return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { +func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConfigTestIamPermissionsCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } -// IfNoneMatch sets an optional parameter which makes the operation fail if the -// object's ETag matches the given value. This is useful for getting updates -// only after the object has changed since the last request. -func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { - c.ifNoneMatch_ = entityTag - return c -} - // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { +func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsEkmConfigTestIamPermissionsCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Header() http.Header { +func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) - if c.ifNoneMatch_ != "" { - reqHeaders.Set("If-None-Match", c.ifNoneMatch_) - } +func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + if err != nil { + return nil, err + } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("GET", urls, body) + req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } @@ -4305,12 +4539,13 @@ func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) doRequest(alt string) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.getIamPolicy" call. +// Do executes the "cloudkms.projects.locations.ekmConfig.testIamPermissions" call. // Any non-2xx status code is an error. Response headers are in either -// *Policy.ServerResponse.Header or (if a response was returned at all) in -// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check -// whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConfigTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4329,7 +4564,7 @@ func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Do(opts ...googleapi.C if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Policy{ + ret := &TestIamPermissionsResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -4342,102 +4577,69 @@ func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Do(opts ...googleapi.C return ret, nil } -type ProjectsLocationsEkmConnectionsListCall struct { - s *Service - parent string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header +type ProjectsLocationsEkmConnectionsCreateCall struct { + s *Service + parent string + ekmconnection *EkmConnection + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// List: Lists EkmConnections. +// Create: Creates a new EkmConnection in a given Project and Location. // // - parent: The resource name of the location associated with the -// EkmConnections to list, in the format `projects/*/locations/*`. -func (r *ProjectsLocationsEkmConnectionsService) List(parent string) *ProjectsLocationsEkmConnectionsListCall { - c := &ProjectsLocationsEkmConnectionsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// EkmConnection, in the format `projects/*/locations/*`. +func (r *ProjectsLocationsEkmConnectionsService) Create(parent string, ekmconnection *EkmConnection) *ProjectsLocationsEkmConnectionsCreateCall { + c := &ProjectsLocationsEkmConnectionsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.parent = parent + c.ekmconnection = ekmconnection return c } -// Filter sets the optional parameter "filter": Only include resources that -// match the filter in the response. For more information, see Sorting and -// filtering list results -// (https://cloud.google.com/kms/docs/sorting-and-filtering). -func (c *ProjectsLocationsEkmConnectionsListCall) Filter(filter string) *ProjectsLocationsEkmConnectionsListCall { - c.urlParams_.Set("filter", filter) - return c -} - -// OrderBy sets the optional parameter "orderBy": Specify how the results -// should be sorted. If not specified, the results will be sorted in the -// default order. For more information, see Sorting and filtering list results -// (https://cloud.google.com/kms/docs/sorting-and-filtering). -func (c *ProjectsLocationsEkmConnectionsListCall) OrderBy(orderBy string) *ProjectsLocationsEkmConnectionsListCall { - c.urlParams_.Set("orderBy", orderBy) - return c -} - -// PageSize sets the optional parameter "pageSize": Optional limit on the -// number of EkmConnections to include in the response. Further EkmConnections -// can subsequently be obtained by including the -// ListEkmConnectionsResponse.next_page_token in a subsequent request. If -// unspecified, the server will pick an appropriate default. -func (c *ProjectsLocationsEkmConnectionsListCall) PageSize(pageSize int64) *ProjectsLocationsEkmConnectionsListCall { - c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) - return c -} - -// PageToken sets the optional parameter "pageToken": Optional pagination -// token, returned earlier via ListEkmConnectionsResponse.next_page_token. -func (c *ProjectsLocationsEkmConnectionsListCall) PageToken(pageToken string) *ProjectsLocationsEkmConnectionsListCall { - c.urlParams_.Set("pageToken", pageToken) +// EkmConnectionId sets the optional parameter "ekmConnectionId": Required. It +// must be unique within a location and match the regular expression +// `[a-zA-Z0-9_-]{1,63}`. +func (c *ProjectsLocationsEkmConnectionsCreateCall) EkmConnectionId(ekmConnectionId string) *ProjectsLocationsEkmConnectionsCreateCall { + c.urlParams_.Set("ekmConnectionId", ekmConnectionId) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsListCall { +func (c *ProjectsLocationsEkmConnectionsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsCreateCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } -// IfNoneMatch sets an optional parameter which makes the operation fail if the -// object's ETag matches the given value. This is useful for getting updates -// only after the object has changed since the last request. -func (c *ProjectsLocationsEkmConnectionsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsListCall { - c.ifNoneMatch_ = entityTag - return c -} - // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsListCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsListCall { +func (c *ProjectsLocationsEkmConnectionsCreateCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsCreateCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsListCall) Header() http.Header { +func (c *ProjectsLocationsEkmConnectionsCreateCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConnectionsListCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) - if c.ifNoneMatch_ != "" { - reqHeaders.Set("If-None-Match", c.ifNoneMatch_) - } +func (c *ProjectsLocationsEkmConnectionsCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.ekmconnection) + if err != nil { + return nil, err + } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/ekmConnections") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("GET", urls, body) + req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } @@ -4448,13 +4650,12 @@ func (c *ProjectsLocationsEkmConnectionsListCall) doRequest(alt string) (*http.R return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.list" call. +// Do executes the "cloudkms.projects.locations.ekmConnections.create" call. // Any non-2xx status code is an error. Response headers are in either -// *ListEkmConnectionsResponse.ServerResponse.Header or (if a response was -// returned at all) in error.(*googleapi.Error).Header. Use -// googleapi.IsNotModified to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsListCall) Do(opts ...googleapi.CallOption) (*ListEkmConnectionsResponse, error) { +// *EkmConnection.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsCreateCall) Do(opts ...googleapi.CallOption) (*EkmConnection, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4473,7 +4674,7 @@ func (c *ProjectsLocationsEkmConnectionsListCall) Do(opts ...googleapi.CallOptio if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &ListEkmConnectionsResponse{ + ret := &EkmConnection{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -4486,89 +4687,792 @@ func (c *ProjectsLocationsEkmConnectionsListCall) Do(opts ...googleapi.CallOptio return ret, nil } -// Pages invokes f for each page of results. -// A non-nil error returned from f will halt the iteration. -// The provided context supersedes any context provided to the Context method. -func (c *ProjectsLocationsEkmConnectionsListCall) Pages(ctx context.Context, f func(*ListEkmConnectionsResponse) error) error { +type ProjectsLocationsEkmConnectionsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Returns metadata for a given EkmConnection. +// +// - name: The name of the EkmConnection to get. +func (r *ProjectsLocationsEkmConnectionsService) Get(name string) *ProjectsLocationsEkmConnectionsGetCall { + c := &ProjectsLocationsEkmConnectionsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsEkmConnectionsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsEkmConnectionsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsEkmConnectionsGetCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsGetCall { c.ctx_ = ctx - defer c.PageToken(c.urlParams_.Get("pageToken")) - for { - x, err := c.Do() - if err != nil { - return err - } - if err := f(x); err != nil { - return err - } - if x.NextPageToken == "" { - return nil + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsEkmConnectionsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsEkmConnectionsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudkms.projects.locations.ekmConnections.get" call. +// Any non-2xx status code is an error. Response headers are in either +// *EkmConnection.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsGetCall) Do(opts ...googleapi.CallOption) (*EkmConnection, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() } - c.PageToken(x.NextPageToken) + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &EkmConnection{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err } + return ret, nil } -type ProjectsLocationsEkmConnectionsPatchCall struct { - s *Service - name string - ekmconnection *EkmConnection - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ProjectsLocationsEkmConnectionsGetIamPolicyCall struct { + s *Service + resource string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// Patch: Updates an EkmConnection's metadata. +// GetIamPolicy: Gets the access control policy for a resource. Returns an +// empty policy if the resource exists and does not have a policy set. // -// - name: Output only. The resource name for the EkmConnection in the format -// `projects/*/locations/*/ekmConnections/*`. -func (r *ProjectsLocationsEkmConnectionsService) Patch(name string, ekmconnection *EkmConnection) *ProjectsLocationsEkmConnectionsPatchCall { - c := &ProjectsLocationsEkmConnectionsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name - c.ekmconnection = ekmconnection +// - resource: REQUIRED: The resource for which the policy is being requested. +// See Resource names (https://cloud.google.com/apis/design/resource_names) +// for the appropriate value for this field. +func (r *ProjectsLocationsEkmConnectionsService) GetIamPolicy(resource string) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { + c := &ProjectsLocationsEkmConnectionsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource return c } -// UpdateMask sets the optional parameter "updateMask": Required. List of -// fields to be updated in this request. -func (c *ProjectsLocationsEkmConnectionsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsEkmConnectionsPatchCall { - c.urlParams_.Set("updateMask", updateMask) +// OptionsRequestedPolicyVersion sets the optional parameter +// "options.requestedPolicyVersion": The maximum policy version that will be +// used to format the policy. Valid values are 0, 1, and 3. Requests specifying +// an invalid value will be rejected. Requests for policies with any +// conditional role bindings must specify version 3. Policies with no +// conditional role bindings may specify any valid value or leave the field +// unset. The policy in the response might use the policy version that you +// specified, or it might use a lower policy version. For example, if you +// specify version 3, but the policy has no conditional role bindings, the +// response uses version 1. To learn which resources support conditions in +// their IAM policies, see the IAM documentation +// (https://cloud.google.com/iam/help/conditions/resource-policies). +func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { + c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsPatchCall { +func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { + c.ifNoneMatch_ = entityTag + return c +} + // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsPatchCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsPatchCall { +func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsGetIamPolicyCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsPatchCall) Header() http.Header { +func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } - return c.header_ -} - -func (c *ProjectsLocationsEkmConnectionsPatchCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + return c.header_ +} + +func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudkms.projects.locations.ekmConnections.getIamPolicy" call. +// Any non-2xx status code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsEkmConnectionsListCall struct { + s *Service + parent string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists EkmConnections. +// +// - parent: The resource name of the location associated with the +// EkmConnections to list, in the format `projects/*/locations/*`. +func (r *ProjectsLocationsEkmConnectionsService) List(parent string) *ProjectsLocationsEkmConnectionsListCall { + c := &ProjectsLocationsEkmConnectionsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + return c +} + +// Filter sets the optional parameter "filter": Only include resources that +// match the filter in the response. For more information, see Sorting and +// filtering list results +// (https://cloud.google.com/kms/docs/sorting-and-filtering). +func (c *ProjectsLocationsEkmConnectionsListCall) Filter(filter string) *ProjectsLocationsEkmConnectionsListCall { + c.urlParams_.Set("filter", filter) + return c +} + +// OrderBy sets the optional parameter "orderBy": Specify how the results +// should be sorted. If not specified, the results will be sorted in the +// default order. For more information, see Sorting and filtering list results +// (https://cloud.google.com/kms/docs/sorting-and-filtering). +func (c *ProjectsLocationsEkmConnectionsListCall) OrderBy(orderBy string) *ProjectsLocationsEkmConnectionsListCall { + c.urlParams_.Set("orderBy", orderBy) + return c +} + +// PageSize sets the optional parameter "pageSize": Optional limit on the +// number of EkmConnections to include in the response. Further EkmConnections +// can subsequently be obtained by including the +// ListEkmConnectionsResponse.next_page_token in a subsequent request. If +// unspecified, the server will pick an appropriate default. +func (c *ProjectsLocationsEkmConnectionsListCall) PageSize(pageSize int64) *ProjectsLocationsEkmConnectionsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": Optional pagination +// token, returned earlier via ListEkmConnectionsResponse.next_page_token. +func (c *ProjectsLocationsEkmConnectionsListCall) PageToken(pageToken string) *ProjectsLocationsEkmConnectionsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsEkmConnectionsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsEkmConnectionsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsEkmConnectionsListCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsListCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsEkmConnectionsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsEkmConnectionsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/ekmConnections") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "parent": c.parent, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudkms.projects.locations.ekmConnections.list" call. +// Any non-2xx status code is an error. Response headers are in either +// *ListEkmConnectionsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsListCall) Do(opts ...googleapi.CallOption) (*ListEkmConnectionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListEkmConnectionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsLocationsEkmConnectionsListCall) Pages(ctx context.Context, f func(*ListEkmConnectionsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +type ProjectsLocationsEkmConnectionsPatchCall struct { + s *Service + name string + ekmconnection *EkmConnection + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates an EkmConnection's metadata. +// +// - name: Output only. The resource name for the EkmConnection in the format +// `projects/*/locations/*/ekmConnections/*`. +func (r *ProjectsLocationsEkmConnectionsService) Patch(name string, ekmconnection *EkmConnection) *ProjectsLocationsEkmConnectionsPatchCall { + c := &ProjectsLocationsEkmConnectionsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.ekmconnection = ekmconnection + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. List of +// fields to be updated in this request. +func (c *ProjectsLocationsEkmConnectionsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsEkmConnectionsPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsEkmConnectionsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsEkmConnectionsPatchCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsEkmConnectionsPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsEkmConnectionsPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.ekmconnection) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudkms.projects.locations.ekmConnections.patch" call. +// Any non-2xx status code is an error. Response headers are in either +// *EkmConnection.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsPatchCall) Do(opts ...googleapi.CallOption) (*EkmConnection, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &EkmConnection{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsEkmConnectionsSetIamPolicyCall struct { + s *Service + resource string + setiampolicyrequest *SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on the specified resource. +// Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, +// and `PERMISSION_DENIED` errors. +// +// - resource: REQUIRED: The resource for which the policy is being specified. +// See Resource names (https://cloud.google.com/apis/design/resource_names) +// for the appropriate value for this field. +func (r *ProjectsLocationsEkmConnectionsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsEkmConnectionsSetIamPolicyCall { + c := &ProjectsLocationsEkmConnectionsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.setiampolicyrequest = setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudkms.projects.locations.ekmConnections.setIamPolicy" call. +// Any non-2xx status code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsEkmConnectionsTestIamPermissionsCall struct { + s *Service + resource string + testiampermissionsrequest *TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the specified +// resource. If the resource does not exist, this will return an empty set of +// permissions, not a `NOT_FOUND` error. Note: This operation is designed to be +// used for building permission-aware UIs and command-line tools, not for +// authorization checking. This operation may "fail open" without warning. +// +// - resource: REQUIRED: The resource for which the policy detail is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the appropriate +// value for this field. +func (r *ProjectsLocationsEkmConnectionsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsEkmConnectionsTestIamPermissionsCall { + c := &ProjectsLocationsEkmConnectionsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.testiampermissionsrequest = testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudkms.projects.locations.ekmConnections.testIamPermissions" call. +// Any non-2xx status code is an error. Response headers are in either +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsEkmConnectionsVerifyConnectivityCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// VerifyConnectivity: Verifies that Cloud KMS can successfully connect to the +// external key manager specified by an EkmConnection. If there is an error +// connecting to the EKM, this method returns a FAILED_PRECONDITION status +// containing structured information as described at +// https://cloud.google.com/kms/docs/reference/ekm_errors. +// +// - name: The name of the EkmConnection to verify. +func (r *ProjectsLocationsEkmConnectionsService) VerifyConnectivity(name string) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { + c := &ProjectsLocationsEkmConnectionsVerifyConnectivityCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.ekmconnection) - if err != nil { - return nil, err - } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:verifyConnectivity") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("PATCH", urls, body) + req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } @@ -4579,12 +5483,13 @@ func (c *ProjectsLocationsEkmConnectionsPatchCall) doRequest(alt string) (*http. return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.patch" call. +// Do executes the "cloudkms.projects.locations.ekmConnections.verifyConnectivity" call. // Any non-2xx status code is an error. Response headers are in either -// *EkmConnection.ServerResponse.Header or (if a response was returned at all) -// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check -// whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsPatchCall) Do(opts ...googleapi.CallOption) (*EkmConnection, error) { +// *VerifyConnectivityResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Do(opts ...googleapi.CallOption) (*VerifyConnectivityResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4603,7 +5508,7 @@ func (c *ProjectsLocationsEkmConnectionsPatchCall) Do(opts ...googleapi.CallOpti if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &EkmConnection{ + ret := &VerifyConnectivityResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -4616,62 +5521,71 @@ func (c *ProjectsLocationsEkmConnectionsPatchCall) Do(opts ...googleapi.CallOpti return ret, nil } -type ProjectsLocationsEkmConnectionsSetIamPolicyCall struct { - s *Service - resource string - setiampolicyrequest *SetIamPolicyRequest - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ProjectsLocationsKeyHandlesCreateCall struct { + s *Service + parent string + keyhandle *KeyHandle + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// SetIamPolicy: Sets the access control policy on the specified resource. -// Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, -// and `PERMISSION_DENIED` errors. +// Create: Creates a new KeyHandle, triggering the provisioning of a new +// CryptoKey for CMEK use with the given resource type in the configured key +// project and the same location. GetOperation should be used to resolve the +// resulting long-running operation and get the resulting KeyHandle and +// CryptoKey. // -// - resource: REQUIRED: The resource for which the policy is being specified. -// See Resource names (https://cloud.google.com/apis/design/resource_names) -// for the appropriate value for this field. -func (r *ProjectsLocationsEkmConnectionsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsEkmConnectionsSetIamPolicyCall { - c := &ProjectsLocationsEkmConnectionsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.resource = resource - c.setiampolicyrequest = setiampolicyrequest +// - parent: Name of the resource project and location to create the KeyHandle +// in, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}`. +func (r *ProjectsLocationsKeyHandlesService) Create(parent string, keyhandle *KeyHandle) *ProjectsLocationsKeyHandlesCreateCall { + c := &ProjectsLocationsKeyHandlesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + c.keyhandle = keyhandle + return c +} + +// KeyHandleId sets the optional parameter "keyHandleId": Id of the KeyHandle. +// Must be unique to the resource project and location. If not provided by the +// caller, a new UUID is used. +func (c *ProjectsLocationsKeyHandlesCreateCall) KeyHandleId(keyHandleId string) *ProjectsLocationsKeyHandlesCreateCall { + c.urlParams_.Set("keyHandleId", keyHandleId) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsSetIamPolicyCall { +func (c *ProjectsLocationsKeyHandlesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsKeyHandlesCreateCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsSetIamPolicyCall { +func (c *ProjectsLocationsKeyHandlesCreateCall) Context(ctx context.Context) *ProjectsLocationsKeyHandlesCreateCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Header() http.Header { +func (c *ProjectsLocationsKeyHandlesCreateCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsKeyHandlesCreateCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + body, err := googleapi.WithoutDataWrapper.JSONReader(c.keyhandle) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/keyHandles") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("POST", urls, body) if err != nil { @@ -4679,17 +5593,17 @@ func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) doRequest(alt string) } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "resource": c.resource, + "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.setIamPolicy" call. +// Do executes the "cloudkms.projects.locations.keyHandles.create" call. // Any non-2xx status code is an error. Response headers are in either -// *Policy.ServerResponse.Header or (if a response was returned at all) in +// *Operation.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { +func (c *ProjectsLocationsKeyHandlesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4708,7 +5622,7 @@ func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Do(opts ...googleapi.C if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Policy{ + ret := &Operation{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -4721,84 +5635,83 @@ func (c *ProjectsLocationsEkmConnectionsSetIamPolicyCall) Do(opts ...googleapi.C return ret, nil } -type ProjectsLocationsEkmConnectionsTestIamPermissionsCall struct { - s *Service - resource string - testiampermissionsrequest *TestIamPermissionsRequest - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ProjectsLocationsKeyHandlesGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// TestIamPermissions: Returns permissions that a caller has on the specified -// resource. If the resource does not exist, this will return an empty set of -// permissions, not a `NOT_FOUND` error. Note: This operation is designed to be -// used for building permission-aware UIs and command-line tools, not for -// authorization checking. This operation may "fail open" without warning. +// Get: Returns the KeyHandle. // -// - resource: REQUIRED: The resource for which the policy detail is being -// requested. See Resource names -// (https://cloud.google.com/apis/design/resource_names) for the appropriate -// value for this field. -func (r *ProjectsLocationsEkmConnectionsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsEkmConnectionsTestIamPermissionsCall { - c := &ProjectsLocationsEkmConnectionsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.resource = resource - c.testiampermissionsrequest = testiampermissionsrequest +// - name: Name of the KeyHandle resource, e.g. +// `projects/{PROJECT_ID}/locations/{LOCATION}/keyHandles/{KEY_HANDLE_ID}`. +func (r *ProjectsLocationsKeyHandlesService) Get(name string) *ProjectsLocationsKeyHandlesGetCall { + c := &ProjectsLocationsKeyHandlesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsTestIamPermissionsCall { +func (c *ProjectsLocationsKeyHandlesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsKeyHandlesGetCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsKeyHandlesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsKeyHandlesGetCall { + c.ifNoneMatch_ = entityTag + return c +} + // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsTestIamPermissionsCall { +func (c *ProjectsLocationsKeyHandlesGetCall) Context(ctx context.Context) *ProjectsLocationsKeyHandlesGetCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Header() http.Header { +func (c *ProjectsLocationsKeyHandlesGetCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) - var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) - if err != nil { - return nil, err +func (c *ProjectsLocationsKeyHandlesGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } + var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) + req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "resource": c.resource, + "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.testIamPermissions" call. +// Do executes the "cloudkms.projects.locations.keyHandles.get" call. // Any non-2xx status code is an error. Response headers are in either -// *TestIamPermissionsResponse.ServerResponse.Header or (if a response was -// returned at all) in error.(*googleapi.Error).Header. Use -// googleapi.IsNotModified to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { +// *KeyHandle.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsKeyHandlesGetCall) Do(opts ...googleapi.CallOption) (*KeyHandle, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4817,7 +5730,7 @@ func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Do(opts ...googl if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &TestIamPermissionsResponse{ + ret := &KeyHandle{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -4830,32 +5743,36 @@ func (c *ProjectsLocationsEkmConnectionsTestIamPermissionsCall) Do(opts ...googl return ret, nil } -type ProjectsLocationsEkmConnectionsVerifyConnectivityCall struct { +type ProjectsLocationsKeyHandlesListCall struct { s *Service - name string + parent string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } -// VerifyConnectivity: Verifies that Cloud KMS can successfully connect to the -// external key manager specified by an EkmConnection. If there is an error -// connecting to the EKM, this method returns a FAILED_PRECONDITION status -// containing structured information as described at -// https://cloud.google.com/kms/docs/reference/ekm_errors. +// List: Lists KeyHandles. // -// - name: The name of the EkmConnection to verify. -func (r *ProjectsLocationsEkmConnectionsService) VerifyConnectivity(name string) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { - c := &ProjectsLocationsEkmConnectionsVerifyConnectivityCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name +// - parent: Name of the resource project and location from which to list +// KeyHandles, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}`. +func (r *ProjectsLocationsKeyHandlesService) List(parent string) *ProjectsLocationsKeyHandlesListCall { + c := &ProjectsLocationsKeyHandlesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + return c +} + +// Filter sets the optional parameter "filter": Filter to apply when listing +// KeyHandles, e.g. `resource_type_selector="{SERVICE}.googleapis.com/{TYPE}". +func (c *ProjectsLocationsKeyHandlesListCall) Filter(filter string) *ProjectsLocationsKeyHandlesListCall { + c.urlParams_.Set("filter", filter) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Fields(s ...googleapi.Field) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { +func (c *ProjectsLocationsKeyHandlesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsKeyHandlesListCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -4863,27 +5780,27 @@ func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Fields(s ...goog // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) IfNoneMatch(entityTag string) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { +func (c *ProjectsLocationsKeyHandlesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsKeyHandlesListCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Context(ctx context.Context) *ProjectsLocationsEkmConnectionsVerifyConnectivityCall { +func (c *ProjectsLocationsKeyHandlesListCall) Context(ctx context.Context) *ProjectsLocationsKeyHandlesListCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Header() http.Header { +func (c *ProjectsLocationsKeyHandlesListCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsKeyHandlesListCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -4891,7 +5808,7 @@ func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) doRequest(alt st var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:verifyConnectivity") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/keyHandles") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -4899,18 +5816,18 @@ func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) doRequest(alt st } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "name": c.name, + "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "cloudkms.projects.locations.ekmConnections.verifyConnectivity" call. +// Do executes the "cloudkms.projects.locations.keyHandles.list" call. // Any non-2xx status code is an error. Response headers are in either -// *VerifyConnectivityResponse.ServerResponse.Header or (if a response was -// returned at all) in error.(*googleapi.Error).Header. Use -// googleapi.IsNotModified to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Do(opts ...googleapi.CallOption) (*VerifyConnectivityResponse, error) { +// *ListKeyHandlesResponse.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsKeyHandlesListCall) Do(opts ...googleapi.CallOption) (*ListKeyHandlesResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -4929,7 +5846,7 @@ func (c *ProjectsLocationsEkmConnectionsVerifyConnectivityCall) Do(opts ...googl if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &VerifyConnectivityResponse{ + ret := &ListKeyHandlesResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -9114,3 +10031,112 @@ func (c *ProjectsLocationsKeyRingsImportJobsTestIamPermissionsCall) Do(opts ...g } return ret, nil } + +type ProjectsLocationsOperationsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Gets the latest state of a long-running operation. Clients can use this +// method to poll the operation result at intervals as recommended by the API +// service. +// +// - name: The name of the operation resource. +func (r *ProjectsLocationsOperationsService) Get(name string) *ProjectsLocationsOperationsGetCall { + c := &ProjectsLocationsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsOperationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsOperationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsOperationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsOperationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudkms.projects.locations.operations.get" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} diff --git a/config/v1/config-api.json b/config/v1/config-api.json index 5d5f315a90e..6f6fe39f930 100644 --- a/config/v1/config-api.json +++ b/config/v1/config-api.json @@ -1187,7 +1187,7 @@ } } }, - "revision": "20240410", + "revision": "20240424", "rootUrl": "https://config.googleapis.com/", "schemas": { "ApplyResults": { @@ -1308,7 +1308,7 @@ "additionalProperties": { "type": "string" }, - "description": "Optional. Arbitrary key-value metadata storage e.g. to help client tools identifiy deployments during automation. See https://google.aip.dev/148#annotations for details on format and size limitations.", + "description": "Optional. Arbitrary key-value metadata storage e.g. to help client tools identify deployments during automation. See https://google.aip.dev/148#annotations for details on format and size limitations.", "type": "object" }, "artifactsGcsBucket": { @@ -1996,6 +1996,13 @@ "description": "A preview represents a set of actions Infra Manager would perform to move the resources towards the desired state as specified in the configuration.", "id": "Preview", "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Arbitrary key-value metadata storage e.g. to help client tools identifiy preview during automation. See https://google.aip.dev/148#annotations for details on format and size limitations.", + "type": "object" + }, "artifactsGcsBucket": { "description": "Optional. User-defined location of Cloud Build logs, artifacts, and in Google Cloud Storage. Format: `gs://{bucket}/{folder}` A default bucket will be bootstrapped if the field is not set or empty Default Bucket Format: `gs://--blueprint-config` Constraints: - The bucket needs to be in the same project as the deployment - The path cannot be within the path of `gcs_source` If omitted and deployment resource ref provided has artifacts_gcs_bucket defined, that artifact bucket is used.", "type": "string" @@ -2124,6 +2131,15 @@ "readOnly": true, "type": "array" }, + "tfVersion": { + "description": "Output only. The current Terraform version set on the preview. It is in the format of \"Major.Minor.Patch\", for example, \"1.3.10\".", + "readOnly": true, + "type": "string" + }, + "tfVersionConstraint": { + "description": "Optional. The user-specified Terraform version constraint. Example: \"=1.3.10\".", + "type": "string" + }, "workerPool": { "description": "Optional. The user-specified Worker Pool resource in which the Cloud Build job will execute. Format projects/{project}/locations/{location}/workerPools/{workerPoolId} If this field is unspecified, the default Cloud Build worker pool will be used. If omitted and deployment resource ref provided has worker_pool defined, that worker pool is used.", "type": "string" diff --git a/config/v1/config-gen.go b/config/v1/config-gen.go index 588cbc804ea..92276d189f5 100644 --- a/config/v1/config-gen.go +++ b/config/v1/config-gen.go @@ -483,7 +483,7 @@ func (s *DeleteStatefileRequest) MarshalJSON() ([]byte, error) { // provisioned by Infra Manager. type Deployment struct { // Annotations: Optional. Arbitrary key-value metadata storage e.g. to help - // client tools identifiy deployments during automation. See + // client tools identify deployments during automation. See // https://google.aip.dev/148#annotations for details on format and size // limitations. Annotations map[string]string `json:"annotations,omitempty"` @@ -1326,6 +1326,11 @@ func (s *Policy) MarshalJSON() ([]byte, error) { // to move the resources towards the desired state as specified in the // configuration. type Preview struct { + // Annotations: Optional. Arbitrary key-value metadata storage e.g. to help + // client tools identifiy preview during automation. See + // https://google.aip.dev/148#annotations for details on format and size + // limitations. + Annotations map[string]string `json:"annotations,omitempty"` // ArtifactsGcsBucket: Optional. User-defined location of Cloud Build logs, // artifacts, and in Google Cloud Storage. Format: `gs://{bucket}/{folder}` A // default bucket will be bootstrapped if the field is not set or empty Default @@ -1412,6 +1417,12 @@ type Preview struct { // preview. It has a size limit of 10, i.e. only top 10 errors will be // summarized here. TfErrors []*TerraformError `json:"tfErrors,omitempty"` + // TfVersion: Output only. The current Terraform version set on the preview. It + // is in the format of "Major.Minor.Patch", for example, "1.3.10". + TfVersion string `json:"tfVersion,omitempty"` + // TfVersionConstraint: Optional. The user-specified Terraform version + // constraint. Example: "=1.3.10". + TfVersionConstraint string `json:"tfVersionConstraint,omitempty"` // WorkerPool: Optional. The user-specified Worker Pool resource in which the // Cloud Build job will execute. Format // projects/{project}/locations/{location}/workerPools/{workerPoolId} If this @@ -1422,15 +1433,15 @@ type Preview struct { // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "ArtifactsGcsBucket") to + // ForceSendFields is a list of field names (e.g. "Annotations") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "ArtifactsGcsBucket") to include - // in API requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. See + // NullFields is a list of field names (e.g. "Annotations") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } diff --git a/datamigration/v1/datamigration-api.json b/datamigration/v1/datamigration-api.json index 6b3f7ed88a5..88711b69819 100644 --- a/datamigration/v1/datamigration-api.json +++ b/datamigration/v1/datamigration-api.json @@ -2125,7 +2125,7 @@ } } }, - "revision": "20240421", + "revision": "20240430", "rootUrl": "https://datamigration.googleapis.com/", "schemas": { "AlloyDbConnectionProfile": { @@ -2530,6 +2530,7 @@ "MYSQL_8_0_33", "MYSQL_8_0_34", "MYSQL_8_0_35", + "MYSQL_8_0_36", "POSTGRES_9_6", "POSTGRES_11", "POSTGRES_10", @@ -2553,6 +2554,7 @@ "The database major version is MySQL 8.0 and the minor version is 33.", "The database major version is MySQL 8.0 and the minor version is 34.", "The database major version is MySQL 8.0 and the minor version is 35.", + "The database major version is MySQL 8.0 and the minor version is 36.", "PostgreSQL 9.6.", "PostgreSQL 11.", "PostgreSQL 10.", diff --git a/datamigration/v1/datamigration-gen.go b/datamigration/v1/datamigration-gen.go index 6a199c90a90..aee86bea65c 100644 --- a/datamigration/v1/datamigration-gen.go +++ b/datamigration/v1/datamigration-gen.go @@ -787,6 +787,8 @@ type CloudSqlSettings struct { // version is 34. // "MYSQL_8_0_35" - The database major version is MySQL 8.0 and the minor // version is 35. + // "MYSQL_8_0_36" - The database major version is MySQL 8.0 and the minor + // version is 36. // "POSTGRES_9_6" - PostgreSQL 9.6. // "POSTGRES_11" - PostgreSQL 11. // "POSTGRES_10" - PostgreSQL 10. diff --git a/firestore/v1/firestore-api.json b/firestore/v1/firestore-api.json index 3143863a70b..9d366efd183 100644 --- a/firestore/v1/firestore-api.json +++ b/firestore/v1/firestore-api.json @@ -276,6 +276,11 @@ "pattern": "^projects/[^/]+$", "required": true, "type": "string" + }, + "showDeleted": { + "description": "If true, also returns deleted resources.", + "location": "query", + "type": "boolean" } }, "path": "v1/{+parent}/databases", @@ -1672,7 +1677,7 @@ } } }, - "revision": "20240420", + "revision": "20240430", "rootUrl": "https://firestore.googleapis.com/", "schemas": { "Aggregation": { @@ -2571,6 +2576,12 @@ ], "type": "string" }, + "deleteTime": { + "description": "Output only. The timestamp at which this database was soft deleted. Only set if the database has been soft deleted.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, "earliestVersionTime": { "description": "Output only. The earliest timestamp at which older versions of the data can be read from the database. See [version_retention_period] above; this field is populated with `now - version_retention_period`. This value is continuously updated, and becomes stale the moment it is queried. If you are using this value to recover data, make sure to account for the time from the moment when the value is queried to the moment when you initiate the recovery.", "format": "google-datetime", diff --git a/firestore/v1/firestore-gen.go b/firestore/v1/firestore-gen.go index c0dcf88dd9b..540fd7fe6bd 100644 --- a/firestore/v1/firestore-gen.go +++ b/firestore/v1/firestore-gen.go @@ -1587,6 +1587,9 @@ type GoogleFirestoreAdminV1Database struct { // "DELETE_PROTECTION_DISABLED" - Delete protection is disabled // "DELETE_PROTECTION_ENABLED" - Delete protection is enabled DeleteProtectionState string `json:"deleteProtectionState,omitempty"` + // DeleteTime: Output only. The timestamp at which this database was soft + // deleted. Only set if the database has been soft deleted. + DeleteTime string `json:"deleteTime,omitempty"` // EarliestVersionTime: Output only. The earliest timestamp at which older // versions of the data can be read from the database. See // [version_retention_period] above; this field is populated with `now - @@ -4630,6 +4633,13 @@ func (r *ProjectsDatabasesService) List(parent string) *ProjectsDatabasesListCal return c } +// ShowDeleted sets the optional parameter "showDeleted": If true, also returns +// deleted resources. +func (c *ProjectsDatabasesListCall) ShowDeleted(showDeleted bool) *ProjectsDatabasesListCall { + c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) + return c +} + // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. diff --git a/gkehub/v1/gkehub-api.json b/gkehub/v1/gkehub-api.json index 423c09b292b..08716ba0d4e 100644 --- a/gkehub/v1/gkehub-api.json +++ b/gkehub/v1/gkehub-api.json @@ -1911,7 +1911,7 @@ } } }, - "revision": "20240412", + "revision": "20240428", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "AppDevExperienceFeatureSpec": { @@ -3889,6 +3889,18 @@ }, "type": "object" }, + "IdentityServiceIdentityServiceOptions": { + "description": "Holds non-protocol-related configuration options.", + "id": "IdentityServiceIdentityServiceOptions", + "properties": { + "sessionDuration": { + "description": "Optional. Determines the lifespan of STS tokens issued by Anthos Identity Service.", + "format": "google-duration", + "type": "string" + } + }, + "type": "object" + }, "IdentityServiceLdapConfig": { "description": "Configuration for the LDAP Auth flow.", "id": "IdentityServiceLdapConfig", @@ -3922,6 +3934,10 @@ "$ref": "IdentityServiceAuthMethod" }, "type": "array" + }, + "identityServiceOptions": { + "$ref": "IdentityServiceIdentityServiceOptions", + "description": "Optional. non-protocol-related configuration options." } }, "type": "object" @@ -5725,7 +5741,25 @@ "CNI_INSTALLATION_FAILED", "CNI_POD_UNSCHEDULABLE", "UNSUPPORTED_MULTIPLE_CONTROL_PLANES", - "VPCSC_GA_SUPPORTED" + "VPCSC_GA_SUPPORTED", + "CONFIG_APPLY_INTERNAL_ERROR", + "CONFIG_VALIDATION_ERROR", + "CONFIG_VALIDATION_WARNING", + "QUOTA_EXCEEDED_BACKEND_SERVICES", + "QUOTA_EXCEEDED_HEALTH_CHECKS", + "QUOTA_EXCEEDED_HTTP_ROUTES", + "QUOTA_EXCEEDED_TCP_ROUTES", + "QUOTA_EXCEEDED_TLS_ROUTES", + "QUOTA_EXCEEDED_TRAFFIC_POLICIES", + "QUOTA_EXCEEDED_ENDPOINT_POLICIES", + "QUOTA_EXCEEDED_GATEWAYS", + "QUOTA_EXCEEDED_MESHES", + "QUOTA_EXCEEDED_SERVER_TLS_POLICIES", + "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES", + "QUOTA_EXCEEDED_SERVICE_LB_POLICIES", + "QUOTA_EXCEEDED_HTTP_FILTERS", + "QUOTA_EXCEEDED_TCP_FILTERS", + "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" ], "enumDescriptions": [ "Default Unspecified code", @@ -5736,7 +5770,25 @@ "CNI installation failed error code", "CNI pod unschedulable error code", "Multiple control planes unsupported error code", - "VPC-SC GA is supported for this control plane." + "VPC-SC GA is supported for this control plane.", + "Configuration (Istio/k8s resources) failed to apply due to internal error.", + "Configuration failed to be applied due to being invalid.", + "Encountered configuration(s) with possible unintended behavior or invalid configuration. These configs may not have been applied.", + "BackendService quota exceeded error code.", + "HealthCheck quota exceeded error code.", + "HTTPRoute quota exceeded error code.", + "TCPRoute quota exceeded error code.", + "TLS routes quota exceeded error code.", + "TrafficPolicy quota exceeded error code.", + "EndpointPolicy quota exceeded error code.", + "Gateway quota exceeded error code.", + "Mesh quota exceeded error code.", + "ServerTLSPolicy quota exceeded error code.", + "ClientTLSPolicy quota exceeded error code.", + "ServiceLBPolicy quota exceeded error code.", + "HTTPFilter quota exceeded error code.", + "TCPFilter quota exceeded error code.", + "NetworkEndpointGroup quota exceeded error code." ], "type": "string" }, @@ -5778,6 +5830,23 @@ }, "type": "array" }, + "implementation": { + "description": "Output only. Implementation of managed control plane.", + "enum": [ + "IMPLEMENTATION_UNSPECIFIED", + "ISTIOD", + "TRAFFIC_DIRECTOR", + "UPDATING" + ], + "enumDescriptions": [ + "Unspecified", + "A Google build of istiod is used for the managed control plane.", + "Traffic director is used for the managed control plane.", + "The control plane implementation is being updated." + ], + "readOnly": true, + "type": "string" + }, "state": { "description": "LifecycleState of control plane management.", "enum": [ diff --git a/gkehub/v1/gkehub-gen.go b/gkehub/v1/gkehub-gen.go index c4825a82e66..c15be7ab1b8 100644 --- a/gkehub/v1/gkehub-gen.go +++ b/gkehub/v1/gkehub-gen.go @@ -2808,6 +2808,30 @@ func (s *IdentityServiceGroupConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// IdentityServiceIdentityServiceOptions: Holds non-protocol-related +// configuration options. +type IdentityServiceIdentityServiceOptions struct { + // SessionDuration: Optional. Determines the lifespan of STS tokens issued by + // Anthos Identity Service. + SessionDuration string `json:"sessionDuration,omitempty"` + // ForceSendFields is a list of field names (e.g. "SessionDuration") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "SessionDuration") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *IdentityServiceIdentityServiceOptions) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceIdentityServiceOptions + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // IdentityServiceLdapConfig: Configuration for the LDAP Auth flow. type IdentityServiceLdapConfig struct { // Group: Optional. Contains the properties for locating and authenticating @@ -2845,6 +2869,9 @@ func (s *IdentityServiceLdapConfig) MarshalJSON() ([]byte, error) { type IdentityServiceMembershipSpec struct { // AuthMethods: A member may support multiple auth methods. AuthMethods []*IdentityServiceAuthMethod `json:"authMethods,omitempty"` + // IdentityServiceOptions: Optional. non-protocol-related configuration + // options. + IdentityServiceOptions *IdentityServiceIdentityServiceOptions `json:"identityServiceOptions,omitempty"` // ForceSendFields is a list of field names (e.g. "AuthMethods") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See @@ -5142,6 +5169,35 @@ type ServiceMeshCondition struct { // "UNSUPPORTED_MULTIPLE_CONTROL_PLANES" - Multiple control planes // unsupported error code // "VPCSC_GA_SUPPORTED" - VPC-SC GA is supported for this control plane. + // "CONFIG_APPLY_INTERNAL_ERROR" - Configuration (Istio/k8s resources) failed + // to apply due to internal error. + // "CONFIG_VALIDATION_ERROR" - Configuration failed to be applied due to + // being invalid. + // "CONFIG_VALIDATION_WARNING" - Encountered configuration(s) with possible + // unintended behavior or invalid configuration. These configs may not have + // been applied. + // "QUOTA_EXCEEDED_BACKEND_SERVICES" - BackendService quota exceeded error + // code. + // "QUOTA_EXCEEDED_HEALTH_CHECKS" - HealthCheck quota exceeded error code. + // "QUOTA_EXCEEDED_HTTP_ROUTES" - HTTPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_ROUTES" - TCPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TLS_ROUTES" - TLS routes quota exceeded error code. + // "QUOTA_EXCEEDED_TRAFFIC_POLICIES" - TrafficPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_ENDPOINT_POLICIES" - EndpointPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_GATEWAYS" - Gateway quota exceeded error code. + // "QUOTA_EXCEEDED_MESHES" - Mesh quota exceeded error code. + // "QUOTA_EXCEEDED_SERVER_TLS_POLICIES" - ServerTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES" - ClientTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_SERVICE_LB_POLICIES" - ServiceLBPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_HTTP_FILTERS" - HTTPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_FILTERS" - TCPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" - NetworkEndpointGroup quota + // exceeded error code. Code string `json:"code,omitempty"` // Details: A short summary about the issue. Details string `json:"details,omitempty"` @@ -5179,6 +5235,15 @@ func (s *ServiceMeshCondition) MarshalJSON() ([]byte, error) { type ServiceMeshControlPlaneManagement struct { // Details: Explanation of state. Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // Implementation: Output only. Implementation of managed control plane. + // + // Possible values: + // "IMPLEMENTATION_UNSPECIFIED" - Unspecified + // "ISTIOD" - A Google build of istiod is used for the managed control plane. + // "TRAFFIC_DIRECTOR" - Traffic director is used for the managed control + // plane. + // "UPDATING" - The control plane implementation is being updated. + Implementation string `json:"implementation,omitempty"` // State: LifecycleState of control plane management. // // Possible values: diff --git a/gkehub/v1alpha/gkehub-api.json b/gkehub/v1alpha/gkehub-api.json index a386949d711..462a9b65533 100644 --- a/gkehub/v1alpha/gkehub-api.json +++ b/gkehub/v1alpha/gkehub-api.json @@ -2175,7 +2175,7 @@ } } }, - "revision": "20240412", + "revision": "20240428", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "AnthosObservabilityFeatureSpec": { @@ -4403,6 +4403,18 @@ }, "type": "object" }, + "IdentityServiceIdentityServiceOptions": { + "description": "Holds non-protocol-related configuration options.", + "id": "IdentityServiceIdentityServiceOptions", + "properties": { + "sessionDuration": { + "description": "Optional. Determines the lifespan of STS tokens issued by Anthos Identity Service.", + "format": "google-duration", + "type": "string" + } + }, + "type": "object" + }, "IdentityServiceLdapConfig": { "description": "Configuration for the LDAP Auth flow.", "id": "IdentityServiceLdapConfig", @@ -4436,6 +4448,10 @@ "$ref": "IdentityServiceAuthMethod" }, "type": "array" + }, + "identityServiceOptions": { + "$ref": "IdentityServiceIdentityServiceOptions", + "description": "Optional. non-protocol-related configuration options." } }, "type": "object" @@ -6468,7 +6484,25 @@ "CNI_INSTALLATION_FAILED", "CNI_POD_UNSCHEDULABLE", "UNSUPPORTED_MULTIPLE_CONTROL_PLANES", - "VPCSC_GA_SUPPORTED" + "VPCSC_GA_SUPPORTED", + "CONFIG_APPLY_INTERNAL_ERROR", + "CONFIG_VALIDATION_ERROR", + "CONFIG_VALIDATION_WARNING", + "QUOTA_EXCEEDED_BACKEND_SERVICES", + "QUOTA_EXCEEDED_HEALTH_CHECKS", + "QUOTA_EXCEEDED_HTTP_ROUTES", + "QUOTA_EXCEEDED_TCP_ROUTES", + "QUOTA_EXCEEDED_TLS_ROUTES", + "QUOTA_EXCEEDED_TRAFFIC_POLICIES", + "QUOTA_EXCEEDED_ENDPOINT_POLICIES", + "QUOTA_EXCEEDED_GATEWAYS", + "QUOTA_EXCEEDED_MESHES", + "QUOTA_EXCEEDED_SERVER_TLS_POLICIES", + "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES", + "QUOTA_EXCEEDED_SERVICE_LB_POLICIES", + "QUOTA_EXCEEDED_HTTP_FILTERS", + "QUOTA_EXCEEDED_TCP_FILTERS", + "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" ], "enumDescriptions": [ "Default Unspecified code", @@ -6479,7 +6513,25 @@ "CNI installation failed error code", "CNI pod unschedulable error code", "Multiple control planes unsupported error code", - "VPC-SC GA is supported for this control plane." + "VPC-SC GA is supported for this control plane.", + "Configuration (Istio/k8s resources) failed to apply due to internal error.", + "Configuration failed to be applied due to being invalid.", + "Encountered configuration(s) with possible unintended behavior or invalid configuration. These configs may not have been applied.", + "BackendService quota exceeded error code.", + "HealthCheck quota exceeded error code.", + "HTTPRoute quota exceeded error code.", + "TCPRoute quota exceeded error code.", + "TLS routes quota exceeded error code.", + "TrafficPolicy quota exceeded error code.", + "EndpointPolicy quota exceeded error code.", + "Gateway quota exceeded error code.", + "Mesh quota exceeded error code.", + "ServerTLSPolicy quota exceeded error code.", + "ClientTLSPolicy quota exceeded error code.", + "ServiceLBPolicy quota exceeded error code.", + "HTTPFilter quota exceeded error code.", + "TCPFilter quota exceeded error code.", + "NetworkEndpointGroup quota exceeded error code." ], "type": "string" }, diff --git a/gkehub/v1alpha/gkehub-gen.go b/gkehub/v1alpha/gkehub-gen.go index b3b994af904..c18ddeefbf2 100644 --- a/gkehub/v1alpha/gkehub-gen.go +++ b/gkehub/v1alpha/gkehub-gen.go @@ -3155,6 +3155,30 @@ func (s *IdentityServiceGroupConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// IdentityServiceIdentityServiceOptions: Holds non-protocol-related +// configuration options. +type IdentityServiceIdentityServiceOptions struct { + // SessionDuration: Optional. Determines the lifespan of STS tokens issued by + // Anthos Identity Service. + SessionDuration string `json:"sessionDuration,omitempty"` + // ForceSendFields is a list of field names (e.g. "SessionDuration") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "SessionDuration") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *IdentityServiceIdentityServiceOptions) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceIdentityServiceOptions + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // IdentityServiceLdapConfig: Configuration for the LDAP Auth flow. type IdentityServiceLdapConfig struct { // Group: Optional. Contains the properties for locating and authenticating @@ -3192,6 +3216,9 @@ func (s *IdentityServiceLdapConfig) MarshalJSON() ([]byte, error) { type IdentityServiceMembershipSpec struct { // AuthMethods: A member may support multiple auth methods. AuthMethods []*IdentityServiceAuthMethod `json:"authMethods,omitempty"` + // IdentityServiceOptions: Optional. non-protocol-related configuration + // options. + IdentityServiceOptions *IdentityServiceIdentityServiceOptions `json:"identityServiceOptions,omitempty"` // ForceSendFields is a list of field names (e.g. "AuthMethods") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See @@ -5781,6 +5808,35 @@ type ServiceMeshCondition struct { // "UNSUPPORTED_MULTIPLE_CONTROL_PLANES" - Multiple control planes // unsupported error code // "VPCSC_GA_SUPPORTED" - VPC-SC GA is supported for this control plane. + // "CONFIG_APPLY_INTERNAL_ERROR" - Configuration (Istio/k8s resources) failed + // to apply due to internal error. + // "CONFIG_VALIDATION_ERROR" - Configuration failed to be applied due to + // being invalid. + // "CONFIG_VALIDATION_WARNING" - Encountered configuration(s) with possible + // unintended behavior or invalid configuration. These configs may not have + // been applied. + // "QUOTA_EXCEEDED_BACKEND_SERVICES" - BackendService quota exceeded error + // code. + // "QUOTA_EXCEEDED_HEALTH_CHECKS" - HealthCheck quota exceeded error code. + // "QUOTA_EXCEEDED_HTTP_ROUTES" - HTTPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_ROUTES" - TCPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TLS_ROUTES" - TLS routes quota exceeded error code. + // "QUOTA_EXCEEDED_TRAFFIC_POLICIES" - TrafficPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_ENDPOINT_POLICIES" - EndpointPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_GATEWAYS" - Gateway quota exceeded error code. + // "QUOTA_EXCEEDED_MESHES" - Mesh quota exceeded error code. + // "QUOTA_EXCEEDED_SERVER_TLS_POLICIES" - ServerTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES" - ClientTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_SERVICE_LB_POLICIES" - ServiceLBPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_HTTP_FILTERS" - HTTPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_FILTERS" - TCPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" - NetworkEndpointGroup quota + // exceeded error code. Code string `json:"code,omitempty"` // Details: A short summary about the issue. Details string `json:"details,omitempty"` diff --git a/gkehub/v1beta/gkehub-api.json b/gkehub/v1beta/gkehub-api.json index 04099b27c24..babcda1df17 100644 --- a/gkehub/v1beta/gkehub-api.json +++ b/gkehub/v1beta/gkehub-api.json @@ -2101,7 +2101,7 @@ } } }, - "revision": "20240412", + "revision": "20240428", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "AnthosObservabilityFeatureSpec": { @@ -4184,6 +4184,18 @@ }, "type": "object" }, + "IdentityServiceIdentityServiceOptions": { + "description": "Holds non-protocol-related configuration options.", + "id": "IdentityServiceIdentityServiceOptions", + "properties": { + "sessionDuration": { + "description": "Optional. Determines the lifespan of STS tokens issued by Anthos Identity Service.", + "format": "google-duration", + "type": "string" + } + }, + "type": "object" + }, "IdentityServiceLdapConfig": { "description": "Configuration for the LDAP Auth flow.", "id": "IdentityServiceLdapConfig", @@ -4217,6 +4229,10 @@ "$ref": "IdentityServiceAuthMethod" }, "type": "array" + }, + "identityServiceOptions": { + "$ref": "IdentityServiceIdentityServiceOptions", + "description": "Optional. non-protocol-related configuration options." } }, "type": "object" @@ -6107,7 +6123,25 @@ "CNI_INSTALLATION_FAILED", "CNI_POD_UNSCHEDULABLE", "UNSUPPORTED_MULTIPLE_CONTROL_PLANES", - "VPCSC_GA_SUPPORTED" + "VPCSC_GA_SUPPORTED", + "CONFIG_APPLY_INTERNAL_ERROR", + "CONFIG_VALIDATION_ERROR", + "CONFIG_VALIDATION_WARNING", + "QUOTA_EXCEEDED_BACKEND_SERVICES", + "QUOTA_EXCEEDED_HEALTH_CHECKS", + "QUOTA_EXCEEDED_HTTP_ROUTES", + "QUOTA_EXCEEDED_TCP_ROUTES", + "QUOTA_EXCEEDED_TLS_ROUTES", + "QUOTA_EXCEEDED_TRAFFIC_POLICIES", + "QUOTA_EXCEEDED_ENDPOINT_POLICIES", + "QUOTA_EXCEEDED_GATEWAYS", + "QUOTA_EXCEEDED_MESHES", + "QUOTA_EXCEEDED_SERVER_TLS_POLICIES", + "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES", + "QUOTA_EXCEEDED_SERVICE_LB_POLICIES", + "QUOTA_EXCEEDED_HTTP_FILTERS", + "QUOTA_EXCEEDED_TCP_FILTERS", + "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" ], "enumDescriptions": [ "Default Unspecified code", @@ -6118,7 +6152,25 @@ "CNI installation failed error code", "CNI pod unschedulable error code", "Multiple control planes unsupported error code", - "VPC-SC GA is supported for this control plane." + "VPC-SC GA is supported for this control plane.", + "Configuration (Istio/k8s resources) failed to apply due to internal error.", + "Configuration failed to be applied due to being invalid.", + "Encountered configuration(s) with possible unintended behavior or invalid configuration. These configs may not have been applied.", + "BackendService quota exceeded error code.", + "HealthCheck quota exceeded error code.", + "HTTPRoute quota exceeded error code.", + "TCPRoute quota exceeded error code.", + "TLS routes quota exceeded error code.", + "TrafficPolicy quota exceeded error code.", + "EndpointPolicy quota exceeded error code.", + "Gateway quota exceeded error code.", + "Mesh quota exceeded error code.", + "ServerTLSPolicy quota exceeded error code.", + "ClientTLSPolicy quota exceeded error code.", + "ServiceLBPolicy quota exceeded error code.", + "HTTPFilter quota exceeded error code.", + "TCPFilter quota exceeded error code.", + "NetworkEndpointGroup quota exceeded error code." ], "type": "string" }, @@ -6160,6 +6212,23 @@ }, "type": "array" }, + "implementation": { + "description": "Output only. Implementation of managed control plane.", + "enum": [ + "IMPLEMENTATION_UNSPECIFIED", + "ISTIOD", + "TRAFFIC_DIRECTOR", + "UPDATING" + ], + "enumDescriptions": [ + "Unspecified", + "A Google build of istiod is used for the managed control plane.", + "Traffic director is used for the managed control plane.", + "The control plane implementation is being updated." + ], + "readOnly": true, + "type": "string" + }, "state": { "description": "LifecycleState of control plane management.", "enum": [ diff --git a/gkehub/v1beta/gkehub-gen.go b/gkehub/v1beta/gkehub-gen.go index 4ff79381a36..6ffb651956a 100644 --- a/gkehub/v1beta/gkehub-gen.go +++ b/gkehub/v1beta/gkehub-gen.go @@ -2979,6 +2979,30 @@ func (s *IdentityServiceGroupConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } +// IdentityServiceIdentityServiceOptions: Holds non-protocol-related +// configuration options. +type IdentityServiceIdentityServiceOptions struct { + // SessionDuration: Optional. Determines the lifespan of STS tokens issued by + // Anthos Identity Service. + SessionDuration string `json:"sessionDuration,omitempty"` + // ForceSendFields is a list of field names (e.g. "SessionDuration") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "SessionDuration") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s *IdentityServiceIdentityServiceOptions) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceIdentityServiceOptions + return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) +} + // IdentityServiceLdapConfig: Configuration for the LDAP Auth flow. type IdentityServiceLdapConfig struct { // Group: Optional. Contains the properties for locating and authenticating @@ -3016,6 +3040,9 @@ func (s *IdentityServiceLdapConfig) MarshalJSON() ([]byte, error) { type IdentityServiceMembershipSpec struct { // AuthMethods: A member may support multiple auth methods. AuthMethods []*IdentityServiceAuthMethod `json:"authMethods,omitempty"` + // IdentityServiceOptions: Optional. non-protocol-related configuration + // options. + IdentityServiceOptions *IdentityServiceIdentityServiceOptions `json:"identityServiceOptions,omitempty"` // ForceSendFields is a list of field names (e.g. "AuthMethods") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See @@ -5427,6 +5454,35 @@ type ServiceMeshCondition struct { // "UNSUPPORTED_MULTIPLE_CONTROL_PLANES" - Multiple control planes // unsupported error code // "VPCSC_GA_SUPPORTED" - VPC-SC GA is supported for this control plane. + // "CONFIG_APPLY_INTERNAL_ERROR" - Configuration (Istio/k8s resources) failed + // to apply due to internal error. + // "CONFIG_VALIDATION_ERROR" - Configuration failed to be applied due to + // being invalid. + // "CONFIG_VALIDATION_WARNING" - Encountered configuration(s) with possible + // unintended behavior or invalid configuration. These configs may not have + // been applied. + // "QUOTA_EXCEEDED_BACKEND_SERVICES" - BackendService quota exceeded error + // code. + // "QUOTA_EXCEEDED_HEALTH_CHECKS" - HealthCheck quota exceeded error code. + // "QUOTA_EXCEEDED_HTTP_ROUTES" - HTTPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_ROUTES" - TCPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TLS_ROUTES" - TLS routes quota exceeded error code. + // "QUOTA_EXCEEDED_TRAFFIC_POLICIES" - TrafficPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_ENDPOINT_POLICIES" - EndpointPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_GATEWAYS" - Gateway quota exceeded error code. + // "QUOTA_EXCEEDED_MESHES" - Mesh quota exceeded error code. + // "QUOTA_EXCEEDED_SERVER_TLS_POLICIES" - ServerTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES" - ClientTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_SERVICE_LB_POLICIES" - ServiceLBPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_HTTP_FILTERS" - HTTPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_FILTERS" - TCPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" - NetworkEndpointGroup quota + // exceeded error code. Code string `json:"code,omitempty"` // Details: A short summary about the issue. Details string `json:"details,omitempty"` @@ -5464,6 +5520,15 @@ func (s *ServiceMeshCondition) MarshalJSON() ([]byte, error) { type ServiceMeshControlPlaneManagement struct { // Details: Explanation of state. Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // Implementation: Output only. Implementation of managed control plane. + // + // Possible values: + // "IMPLEMENTATION_UNSPECIFIED" - Unspecified + // "ISTIOD" - A Google build of istiod is used for the managed control plane. + // "TRAFFIC_DIRECTOR" - Traffic director is used for the managed control + // plane. + // "UPDATING" - The control plane implementation is being updated. + Implementation string `json:"implementation,omitempty"` // State: LifecycleState of control plane management. // // Possible values: diff --git a/logging/v2/logging-api.json b/logging/v2/logging-api.json index ea881c54e9a..c09c2c174c0 100644 --- a/logging/v2/logging-api.json +++ b/logging/v2/logging-api.json @@ -8132,7 +8132,7 @@ } } }, - "revision": "20240419", + "revision": "20240426", "rootUrl": "https://logging.googleapis.com/", "schemas": { "AuditConfig": { @@ -8935,11 +8935,11 @@ "id": "ListLogEntriesRequest", "properties": { "filter": { - "description": "Optional. A filter that chooses which log entries to return. For more information, see Logging query language (https://cloud.google.com/logging/docs/view/logging-query-language).Only log entries that match the filter are returned. An empty filter matches all log entries in the resources listed in resource_names. Referencing a parent resource that is not listed in resource_names will cause the filter to return no results. The maximum length of a filter is 20,000 characters.", + "description": "Optional. A filter that chooses which log entries to return. For more information, see Logging query language (https://cloud.google.com/logging/docs/view/logging-query-language).Only log entries that match the filter are returned. An empty filter matches all log entries in the resources listed in resource_names. Referencing a parent resource that is not listed in resource_names will cause the filter to return no results. The maximum length of a filter is 20,000 characters.To make queries faster, you can make the filter more selective by using restrictions on indexed fields (https://cloud.google.com/logging/docs/view/logging-query-language#indexed-fields) as well as limit the time range of the query by adding range restrictions on the timestamp field.", "type": "string" }, "orderBy": { - "description": "Optional. How the results should be sorted. Presently, the only permitted values are \"timestamp asc\" (default) and \"timestamp desc\". The first option returns entries in order of increasing values of LogEntry.timestamp (oldest first), and the second option returns entries in order of decreasing timestamps (newest first). Entries with equal timestamps are returned in order of their insert_id values.", + "description": "Optional. How the results should be sorted. Presently, the only permitted values are \"timestamp asc\" (default) and \"timestamp desc\". The first option returns entries in order of increasing values of LogEntry.timestamp (oldest first), and the second option returns entries in order of decreasing timestamps (newest first). Entries with equal timestamps are returned in order of their insert_id values.We recommend setting the order_by field to \"timestamp desc\" when listing recently ingested log entries. If not set, the default value of \"timestamp asc\" may take a long time to fetch matching logs that are only recently ingested.", "type": "string" }, "pageSize": { diff --git a/logging/v2/logging-gen.go b/logging/v2/logging-gen.go index 33758413db1..218ae323ab7 100644 --- a/logging/v2/logging-gen.go +++ b/logging/v2/logging-gen.go @@ -2148,14 +2148,22 @@ type ListLogEntriesRequest struct { // entries that match the filter are returned. An empty filter matches all log // entries in the resources listed in resource_names. Referencing a parent // resource that is not listed in resource_names will cause the filter to - // return no results. The maximum length of a filter is 20,000 characters. + // return no results. The maximum length of a filter is 20,000 characters.To + // make queries faster, you can make the filter more selective by using + // restrictions on indexed fields + // (https://cloud.google.com/logging/docs/view/logging-query-language#indexed-fields) + // as well as limit the time range of the query by adding range restrictions on + // the timestamp field. Filter string `json:"filter,omitempty"` // OrderBy: Optional. How the results should be sorted. Presently, the only // permitted values are "timestamp asc" (default) and "timestamp desc". The // first option returns entries in order of increasing values of // LogEntry.timestamp (oldest first), and the second option returns entries in // order of decreasing timestamps (newest first). Entries with equal timestamps - // are returned in order of their insert_id values. + // are returned in order of their insert_id values.We recommend setting the + // order_by field to "timestamp desc" when listing recently ingested log + // entries. If not set, the default value of "timestamp asc" may take a long + // time to fetch matching logs that are only recently ingested. OrderBy string `json:"orderBy,omitempty"` // PageSize: Optional. The maximum number of results to return from this // request. Default is 50. If the value is negative, the request is diff --git a/redis/v1/redis-api.json b/redis/v1/redis-api.json index 8880175f85a..b61ff46f0fc 100644 --- a/redis/v1/redis-api.json +++ b/redis/v1/redis-api.json @@ -821,7 +821,7 @@ } } }, - "revision": "20240418", + "revision": "20240425", "rootUrl": "https://redis.googleapis.com/", "schemas": { "AOFConfig": { @@ -2950,6 +2950,7 @@ "PRODUCT_TYPE_ON_PREM", "ON_PREM", "PRODUCT_TYPE_MEMORYSTORE", + "PRODUCT_TYPE_BIGTABLE", "PRODUCT_TYPE_OTHER" ], "enumDeprecated": [ @@ -2962,6 +2963,7 @@ false, true, false, + false, false ], "enumDescriptions": [ @@ -2974,6 +2976,7 @@ "On premises database product.", "On premises database product.", "Memorystore product area in GCP", + "Bigtable product area in GCP", "Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum." ], "type": "string" diff --git a/redis/v1/redis-gen.go b/redis/v1/redis-gen.go index f08ce224718..e5468fc8c32 100644 --- a/redis/v1/redis-gen.go +++ b/redis/v1/redis-gen.go @@ -2339,6 +2339,7 @@ type Product struct { // "PRODUCT_TYPE_ON_PREM" - On premises database product. // "ON_PREM" - On premises database product. // "PRODUCT_TYPE_MEMORYSTORE" - Memorystore product area in GCP + // "PRODUCT_TYPE_BIGTABLE" - Bigtable product area in GCP // "PRODUCT_TYPE_OTHER" - Other refers to rest of other product type. This is // to be when product type is known, but it is not present in this enum. Type string `json:"type,omitempty"` diff --git a/redis/v1beta1/redis-api.json b/redis/v1beta1/redis-api.json index 1c815672d6f..db76c63c593 100644 --- a/redis/v1beta1/redis-api.json +++ b/redis/v1beta1/redis-api.json @@ -821,7 +821,7 @@ } } }, - "revision": "20240418", + "revision": "20240425", "rootUrl": "https://redis.googleapis.com/", "schemas": { "AOFConfig": { @@ -2957,6 +2957,7 @@ "PRODUCT_TYPE_ON_PREM", "ON_PREM", "PRODUCT_TYPE_MEMORYSTORE", + "PRODUCT_TYPE_BIGTABLE", "PRODUCT_TYPE_OTHER" ], "enumDeprecated": [ @@ -2969,6 +2970,7 @@ false, true, false, + false, false ], "enumDescriptions": [ @@ -2981,6 +2983,7 @@ "On premises database product.", "On premises database product.", "Memorystore product area in GCP", + "Bigtable product area in GCP", "Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum." ], "type": "string" diff --git a/redis/v1beta1/redis-gen.go b/redis/v1beta1/redis-gen.go index dd6dc5f58e3..36ec0335636 100644 --- a/redis/v1beta1/redis-gen.go +++ b/redis/v1beta1/redis-gen.go @@ -2343,6 +2343,7 @@ type Product struct { // "PRODUCT_TYPE_ON_PREM" - On premises database product. // "ON_PREM" - On premises database product. // "PRODUCT_TYPE_MEMORYSTORE" - Memorystore product area in GCP + // "PRODUCT_TYPE_BIGTABLE" - Bigtable product area in GCP // "PRODUCT_TYPE_OTHER" - Other refers to rest of other product type. This is // to be when product type is known, but it is not present in this enum. Type string `json:"type,omitempty"` diff --git a/workstations/v1/workstations-api.json b/workstations/v1/workstations-api.json index 431637d5e0e..25e15755934 100644 --- a/workstations/v1/workstations-api.json +++ b/workstations/v1/workstations-api.json @@ -1195,7 +1195,7 @@ } } }, - "revision": "20240301", + "revision": "20240424", "rootUrl": "https://workstations.googleapis.com/", "schemas": { "Accelerator": { @@ -1454,11 +1454,11 @@ "type": "integer" }, "serviceAccount": { - "description": "Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has `logginglogEntries.create` permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have [Artifact Registry Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) permission to pull the specified image. If you as the administrator want to be able to `ssh` into the underlying VM, you need to set this value to a service account for which you have the `iam.serviceAccounts.actAs` permission. Conversely, if you don't want anyone to be able to `ssh` into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.", + "description": "Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has `logging.logEntries.create` and `monitoring.timeSeries.create` permissions on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have [Artifact Registry Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) permission to pull the specified image. If you as the administrator want to be able to `ssh` into the underlying VM, you need to set this value to a service account for which you have the `iam.serviceAccounts.actAs` permission. Conversely, if you don't want anyone to be able to `ssh` into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.", "type": "string" }, "serviceAccountScopes": { - "description": "Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have `iam.serviceAccounts.actAs` on the service account.", + "description": "Optional. Scopes to grant to the service_account. When specified, users of workstations under this configuration must have `iam.serviceAccounts.actAs` on the service account.", "items": { "type": "string" }, diff --git a/workstations/v1/workstations-gen.go b/workstations/v1/workstations-gen.go index c7b92d55aa5..a91ea2aa968 100644 --- a/workstations/v1/workstations-gen.go +++ b/workstations/v1/workstations-gen.go @@ -690,9 +690,10 @@ type GceInstance struct { PooledInstances int64 `json:"pooledInstances,omitempty"` // ServiceAccount: Optional. The email address of the service account for Cloud // Workstations VMs created with this configuration. When specified, be sure - // that the service account has `logginglogEntries.create` permission on the - // project so it can write logs out to Cloud Logging. If using a custom - // container image, the service account must have Artifact Registry Reader + // that the service account has `logging.logEntries.create` and + // `monitoring.timeSeries.create` permissions on the project so it can write + // logs out to Cloud Logging. If using a custom container image, the service + // account must have Artifact Registry Reader // (https://cloud.google.com/artifact-registry/docs/access-control#roles) // permission to pull the specified image. If you as the administrator want to // be able to `ssh` into the underlying VM, you need to set this value to a @@ -702,8 +703,7 @@ type GceInstance struct { // If not set, VMs run with a service account provided by the Cloud // Workstations service, and the image must be publicly accessible. ServiceAccount string `json:"serviceAccount,omitempty"` - // ServiceAccountScopes: Optional. Scopes to grant to the service_account. - // Various scopes are automatically added based on feature usage. When + // ServiceAccountScopes: Optional. Scopes to grant to the service_account. When // specified, users of workstations under this configuration must have // `iam.serviceAccounts.actAs` on the service account. ServiceAccountScopes []string `json:"serviceAccountScopes,omitempty"` diff --git a/workstations/v1beta/workstations-api.json b/workstations/v1beta/workstations-api.json index 5f47af3786a..0027e9e3d7b 100644 --- a/workstations/v1beta/workstations-api.json +++ b/workstations/v1beta/workstations-api.json @@ -1127,7 +1127,7 @@ } } }, - "revision": "20240318", + "revision": "20240424", "rootUrl": "https://workstations.googleapis.com/", "schemas": { "Accelerator": { @@ -1420,11 +1420,11 @@ "type": "integer" }, "serviceAccount": { - "description": "Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has `logginglogEntries.create` permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have [Artifact Registry Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) permission to pull the specified image. If you as the administrator want to be able to `ssh` into the underlying VM, you need to set this value to a service account for which you have the `iam.serviceAccounts.actAs` permission. Conversely, if you don't want anyone to be able to `ssh` into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.", + "description": "Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has `logging.logEntries.create` and `monitoring.timeSeries.create` permissions on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have [Artifact Registry Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) permission to pull the specified image. If you as the administrator want to be able to `ssh` into the underlying VM, you need to set this value to a service account for which you have the `iam.serviceAccounts.actAs` permission. Conversely, if you don't want anyone to be able to `ssh` into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.", "type": "string" }, "serviceAccountScopes": { - "description": "Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have `iam.serviceAccounts.actAs` on the service account.", + "description": "Optional. Scopes to grant to the service_account. When specified, users of workstations under this configuration must have `iam.serviceAccounts.actAs` on the service account.", "items": { "type": "string" }, diff --git a/workstations/v1beta/workstations-gen.go b/workstations/v1beta/workstations-gen.go index d0cc1c02598..15d767ebbca 100644 --- a/workstations/v1beta/workstations-gen.go +++ b/workstations/v1beta/workstations-gen.go @@ -727,9 +727,10 @@ type GceInstance struct { PooledInstances int64 `json:"pooledInstances,omitempty"` // ServiceAccount: Optional. The email address of the service account for Cloud // Workstations VMs created with this configuration. When specified, be sure - // that the service account has `logginglogEntries.create` permission on the - // project so it can write logs out to Cloud Logging. If using a custom - // container image, the service account must have Artifact Registry Reader + // that the service account has `logging.logEntries.create` and + // `monitoring.timeSeries.create` permissions on the project so it can write + // logs out to Cloud Logging. If using a custom container image, the service + // account must have Artifact Registry Reader // (https://cloud.google.com/artifact-registry/docs/access-control#roles) // permission to pull the specified image. If you as the administrator want to // be able to `ssh` into the underlying VM, you need to set this value to a @@ -739,8 +740,7 @@ type GceInstance struct { // If not set, VMs run with a service account provided by the Cloud // Workstations service, and the image must be publicly accessible. ServiceAccount string `json:"serviceAccount,omitempty"` - // ServiceAccountScopes: Optional. Scopes to grant to the service_account. - // Various scopes are automatically added based on feature usage. When + // ServiceAccountScopes: Optional. Scopes to grant to the service_account. When // specified, users of workstations under this configuration must have // `iam.serviceAccounts.actAs` on the service account. ServiceAccountScopes []string `json:"serviceAccountScopes,omitempty"`