| Index: discovery/googleapis/sourcerepo__v1.json
|
| diff --git a/discovery/googleapis/sourcerepo__v1.json b/discovery/googleapis/sourcerepo__v1.json
|
| index cd358cb9419df18d6c395a0ff1d0887dbea55386..2930522b9adf1d229accc425071d0e5639a00d26 100644
|
| --- a/discovery/googleapis/sourcerepo__v1.json
|
| +++ b/discovery/googleapis/sourcerepo__v1.json
|
| @@ -2,14 +2,14 @@
|
| "auth": {
|
| "oauth2": {
|
| "scopes": {
|
| + "https://www.googleapis.com/auth/cloud-platform": {
|
| + "description": "View and manage your data across Google Cloud Platform services"
|
| + },
|
| "https://www.googleapis.com/auth/source.read_only": {
|
| "description": "View the contents of your source code repositories"
|
| },
|
| "https://www.googleapis.com/auth/source.read_write": {
|
| "description": "Manage the contents of your source code repositories"
|
| - },
|
| - "https://www.googleapis.com/auth/cloud-platform": {
|
| - "description": "View and manage your data across Google Cloud Platform services"
|
| }
|
| }
|
| }
|
| @@ -31,6 +31,16 @@
|
| "ownerDomain": "google.com",
|
| "ownerName": "Google",
|
| "parameters": {
|
| + "bearer_token": {
|
| + "description": "OAuth bearer token.",
|
| + "location": "query",
|
| + "type": "string"
|
| + },
|
| + "oauth_token": {
|
| + "description": "OAuth 2.0 token for the current user.",
|
| + "location": "query",
|
| + "type": "string"
|
| + },
|
| "upload_protocol": {
|
| "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
|
| "location": "query",
|
| @@ -86,13 +96,13 @@
|
| "location": "query",
|
| "type": "string"
|
| },
|
| - "access_token": {
|
| - "description": "OAuth access token.",
|
| + "key": {
|
| + "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
|
| "location": "query",
|
| "type": "string"
|
| },
|
| - "key": {
|
| - "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
|
| + "access_token": {
|
| + "description": "OAuth access token.",
|
| "location": "query",
|
| "type": "string"
|
| },
|
| @@ -106,16 +116,6 @@
|
| "description": "Pretty-print response.",
|
| "location": "query",
|
| "type": "boolean"
|
| - },
|
| - "oauth_token": {
|
| - "description": "OAuth 2.0 token for the current user.",
|
| - "location": "query",
|
| - "type": "string"
|
| - },
|
| - "bearer_token": {
|
| - "description": "OAuth bearer token.",
|
| - "location": "query",
|
| - "type": "string"
|
| }
|
| },
|
| "protocol": "rest",
|
| @@ -124,28 +124,62 @@
|
| "resources": {
|
| "repos": {
|
| "methods": {
|
| - "setIamPolicy": {
|
| - "description": "Sets the access control policy on the specified resource. Replaces any\nexisting policy.",
|
| - "httpMethod": "POST",
|
| - "id": "sourcerepo.projects.repos.setIamPolicy",
|
| + "delete": {
|
| + "description": "Deletes a repo.",
|
| + "httpMethod": "DELETE",
|
| + "id": "sourcerepo.projects.repos.delete",
|
| "parameterOrder": [
|
| - "resource"
|
| + "name"
|
| ],
|
| "parameters": {
|
| - "resource": {
|
| - "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
|
| + "name": {
|
| + "description": "The name of the repo to delete. Values are of the form\n`projects/<project>/repos/<repo>`.",
|
| "location": "path",
|
| "pattern": "^projects/[^/]+/repos/.+$",
|
| "required": true,
|
| "type": "string"
|
| }
|
| },
|
| - "path": "v1/{+resource}:setIamPolicy",
|
| - "request": {
|
| - "$ref": "SetIamPolicyRequest"
|
| + "path": "v1/{+name}",
|
| + "response": {
|
| + "$ref": "Empty"
|
| + },
|
| + "scopes": [
|
| + "https://www.googleapis.com/auth/cloud-platform",
|
| + "https://www.googleapis.com/auth/source.read_only",
|
| + "https://www.googleapis.com/auth/source.read_write"
|
| + ]
|
| + },
|
| + "list": {
|
| + "description": "Returns all repos belonging to a project. The sizes of the repos are\nnot set by ListRepos. To get the size of a repo, use GetRepo.",
|
| + "httpMethod": "GET",
|
| + "id": "sourcerepo.projects.repos.list",
|
| + "parameterOrder": [
|
| + "name"
|
| + ],
|
| + "parameters": {
|
| + "pageToken": {
|
| + "description": "Resume listing repositories where a prior ListReposResponse\nleft off. This is an opaque token that must be obtained from\na recent, prior ListReposResponse's next_page_token field.",
|
| + "location": "query",
|
| + "type": "string"
|
| + },
|
| + "name": {
|
| + "description": "The project ID whose repos should be listed. Values are of the form\n`projects/<project>`.",
|
| + "location": "path",
|
| + "pattern": "^projects/[^/]+$",
|
| + "required": true,
|
| + "type": "string"
|
| + },
|
| + "pageSize": {
|
| + "description": "Maximum number of repositories to return; between 1 and 500.\nIf not set or zero, defaults to 100 at the server.",
|
| + "format": "int32",
|
| + "location": "query",
|
| + "type": "integer"
|
| + }
|
| },
|
| + "path": "v1/{+name}/repos",
|
| "response": {
|
| - "$ref": "Policy"
|
| + "$ref": "ListReposResponse"
|
| },
|
| "scopes": [
|
| "https://www.googleapis.com/auth/cloud-platform",
|
| @@ -182,6 +216,35 @@
|
| "https://www.googleapis.com/auth/source.read_write"
|
| ]
|
| },
|
| + "setIamPolicy": {
|
| + "description": "Sets the access control policy on the specified resource. Replaces any\nexisting policy.",
|
| + "httpMethod": "POST",
|
| + "id": "sourcerepo.projects.repos.setIamPolicy",
|
| + "parameterOrder": [
|
| + "resource"
|
| + ],
|
| + "parameters": {
|
| + "resource": {
|
| + "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
|
| + "location": "path",
|
| + "pattern": "^projects/[^/]+/repos/.+$",
|
| + "required": true,
|
| + "type": "string"
|
| + }
|
| + },
|
| + "path": "v1/{+resource}:setIamPolicy",
|
| + "request": {
|
| + "$ref": "SetIamPolicyRequest"
|
| + },
|
| + "response": {
|
| + "$ref": "Policy"
|
| + },
|
| + "scopes": [
|
| + "https://www.googleapis.com/auth/cloud-platform",
|
| + "https://www.googleapis.com/auth/source.read_only",
|
| + "https://www.googleapis.com/auth/source.read_write"
|
| + ]
|
| + },
|
| "getIamPolicy": {
|
| "description": "Gets the access control policy for a resource.\nReturns an empty policy if the resource exists and does not have a policy\nset.",
|
| "httpMethod": "GET",
|
| @@ -262,69 +325,6 @@
|
| "https://www.googleapis.com/auth/source.read_only",
|
| "https://www.googleapis.com/auth/source.read_write"
|
| ]
|
| - },
|
| - "delete": {
|
| - "description": "Deletes a repo.",
|
| - "httpMethod": "DELETE",
|
| - "id": "sourcerepo.projects.repos.delete",
|
| - "parameterOrder": [
|
| - "name"
|
| - ],
|
| - "parameters": {
|
| - "name": {
|
| - "description": "The name of the repo to delete. Values are of the form\n`projects/<project>/repos/<repo>`.",
|
| - "location": "path",
|
| - "pattern": "^projects/[^/]+/repos/.+$",
|
| - "required": true,
|
| - "type": "string"
|
| - }
|
| - },
|
| - "path": "v1/{+name}",
|
| - "response": {
|
| - "$ref": "Empty"
|
| - },
|
| - "scopes": [
|
| - "https://www.googleapis.com/auth/cloud-platform",
|
| - "https://www.googleapis.com/auth/source.read_only",
|
| - "https://www.googleapis.com/auth/source.read_write"
|
| - ]
|
| - },
|
| - "list": {
|
| - "description": "Returns all repos belonging to a project. The sizes of the repos are\nnot set by ListRepos. To get the size of a repo, use GetRepo.",
|
| - "httpMethod": "GET",
|
| - "id": "sourcerepo.projects.repos.list",
|
| - "parameterOrder": [
|
| - "name"
|
| - ],
|
| - "parameters": {
|
| - "name": {
|
| - "description": "The project ID whose repos should be listed. Values are of the form\n`projects/<project>`.",
|
| - "location": "path",
|
| - "pattern": "^projects/[^/]+$",
|
| - "required": true,
|
| - "type": "string"
|
| - },
|
| - "pageToken": {
|
| - "description": "Resume listing repositories where a prior ListReposResponse\nleft off. This is an opaque token that must be obtained from\na recent, prior ListReposResponse's next_page_token field.",
|
| - "location": "query",
|
| - "type": "string"
|
| - },
|
| - "pageSize": {
|
| - "description": "Maximum number of repositories to return; between 1 and 500.\nIf not set or zero, defaults to 100 at the server.",
|
| - "format": "int32",
|
| - "location": "query",
|
| - "type": "integer"
|
| - }
|
| - },
|
| - "path": "v1/{+name}/repos",
|
| - "response": {
|
| - "$ref": "ListReposResponse"
|
| - },
|
| - "scopes": [
|
| - "https://www.googleapis.com/auth/cloud-platform",
|
| - "https://www.googleapis.com/auth/source.read_only",
|
| - "https://www.googleapis.com/auth/source.read_write"
|
| - ]
|
| }
|
| }
|
| }
|
| @@ -334,246 +334,76 @@
|
| "revision": "20170528",
|
| "rootUrl": "https://sourcerepo.googleapis.com/",
|
| "schemas": {
|
| - "AuditLogConfig": {
|
| - "description": "Provides the configuration for logging a type of permissions.\nExample:\n\n {\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:foo@gmail.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n }\n ]\n }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting\nfoo@gmail.com from DATA_READ logging.",
|
| - "id": "AuditLogConfig",
|
| + "DataAccessOptions": {
|
| + "description": "Write a Data Access (Gin) log",
|
| + "id": "DataAccessOptions",
|
| + "properties": {},
|
| + "type": "object"
|
| + },
|
| + "AuditConfig": {
|
| + "description": "Specifies the audit configuration for a service.\nThe configuration determines which permission types are logged, and what\nidentities, if any, are exempted from logging.\nAn AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_types\nspecified in each AuditConfig are enabled, and the exempted_members in each\nAuditConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n {\n \"audit_configs\": [\n {\n \"service\": \"allServices\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:foo@gmail.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n },\n {\n \"log_type\": \"ADMIN_READ\",\n }\n ]\n },\n {\n \"service\": \"fooservice.googleapis.com\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n },\n {\n \"log_type\": \"DATA_WRITE\",\n \"exempted_members\": [\n \"user:bar@gmail.com\"\n ]\n }\n ]\n }\n ]\n }\n\nFor fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts foo@gmail.com from DATA_READ logging, and\nbar@gmail.com from DATA_WRITE logging.",
|
| + "id": "AuditConfig",
|
| "properties": {
|
| + "service": {
|
| + "description": "Specifies a service that will be enabled for audit logging.\nFor example, `storage.googleapis.com`, `cloudsql.googleapis.com`.\n`allServices` is a special value that covers all services.",
|
| + "type": "string"
|
| + },
|
| + "auditLogConfigs": {
|
| + "description": "The configuration for logging of each type of permission.\nNext ID: 4",
|
| + "items": {
|
| + "$ref": "AuditLogConfig"
|
| + },
|
| + "type": "array"
|
| + },
|
| "exemptedMembers": {
|
| - "description": "Specifies the identities that do not cause logging for this type of\npermission.\nFollows the same format of Binding.members.",
|
| "items": {
|
| "type": "string"
|
| },
|
| "type": "array"
|
| + }
|
| + },
|
| + "type": "object"
|
| + },
|
| + "SetIamPolicyRequest": {
|
| + "description": "Request message for `SetIamPolicy` method.",
|
| + "id": "SetIamPolicyRequest",
|
| + "properties": {
|
| + "updateMask": {
|
| + "description": "OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only\nthe fields in the mask will be modified. If no mask is provided, the\nfollowing default mask is used:\npaths: \"bindings, etag\"\nThis field is only used by Cloud IAM.",
|
| + "format": "google-fieldmask",
|
| + "type": "string"
|
| },
|
| - "logType": {
|
| - "description": "The log type that this config enables.",
|
| + "policy": {
|
| + "$ref": "Policy",
|
| + "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of\nthe policy is limited to a few 10s of KB. An empty policy is a\nvalid policy but certain Cloud Platform services (such as Projects)\nmight reject them."
|
| + }
|
| + },
|
| + "type": "object"
|
| + },
|
| + "CloudAuditOptions": {
|
| + "description": "Write a Cloud Audit log",
|
| + "id": "CloudAuditOptions",
|
| + "properties": {
|
| + "logName": {
|
| + "description": "The log_name to populate in the Cloud Audit Record.",
|
| "enum": [
|
| - "LOG_TYPE_UNSPECIFIED",
|
| - "ADMIN_READ",
|
| - "DATA_WRITE",
|
| - "DATA_READ"
|
| + "UNSPECIFIED_LOG_NAME",
|
| + "ADMIN_ACTIVITY",
|
| + "DATA_ACCESS"
|
| ],
|
| "enumDescriptions": [
|
| - "Default case. Should never be this.",
|
| - "Admin reads. Example: CloudIAM getIamPolicy",
|
| - "Data writes. Example: CloudSQL Users create",
|
| - "Data reads. Example: CloudSQL Users list"
|
| + "Default. Should not be used.",
|
| + "Corresponds to \"cloudaudit.googleapis.com/activity\"",
|
| + "Corresponds to \"cloudaudit.googleapis.com/data_access\""
|
| ],
|
| "type": "string"
|
| }
|
| },
|
| "type": "object"
|
| },
|
| - "Rule": {
|
| - "description": "A rule to be applied in a Policy.",
|
| - "id": "Rule",
|
| - "properties": {
|
| - "description": {
|
| - "description": "Human-readable description of the rule.",
|
| - "type": "string"
|
| - },
|
| - "conditions": {
|
| - "description": "Additional restrictions that must be met",
|
| - "items": {
|
| - "$ref": "Condition"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "logConfig": {
|
| - "description": "The config returned to callers of tech.iam.IAM.CheckPolicy for any entries\nthat match the LOG action.",
|
| - "items": {
|
| - "$ref": "LogConfig"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "in": {
|
| - "description": "If one or more 'in' clauses are specified, the rule matches if\nthe PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
|
| - "items": {
|
| - "type": "string"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "permissions": {
|
| - "description": "A permission is a string of form '<service>.<resource type>.<verb>'\n(e.g., 'storage.buckets.list'). A value of '*' matches all permissions,\nand a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
|
| - "items": {
|
| - "type": "string"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "action": {
|
| - "description": "Required",
|
| - "enum": [
|
| - "NO_ACTION",
|
| - "ALLOW",
|
| - "ALLOW_WITH_LOG",
|
| - "DENY",
|
| - "DENY_WITH_LOG",
|
| - "LOG"
|
| - ],
|
| - "enumDescriptions": [
|
| - "Default no action.",
|
| - "Matching 'Entries' grant access.",
|
| - "Matching 'Entries' grant access and the caller promises to log\nthe request per the returned log_configs.",
|
| - "Matching 'Entries' deny access.",
|
| - "Matching 'Entries' deny access and the caller promises to log\nthe request per the returned log_configs.",
|
| - "Matching 'Entries' tell IAM.Check callers to generate logs."
|
| - ],
|
| - "type": "string"
|
| - },
|
| - "notIn": {
|
| - "description": "If one or more 'not_in' clauses are specified, the rule matches\nif the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.\nThe format for in and not_in entries is the same as for members in a\nBinding (see google/iam/v1/policy.proto).",
|
| - "items": {
|
| - "type": "string"
|
| - },
|
| - "type": "array"
|
| - }
|
| - },
|
| - "type": "object"
|
| - },
|
| - "LogConfig": {
|
| - "description": "Specifies what kind of log the caller must write",
|
| - "id": "LogConfig",
|
| - "properties": {
|
| - "cloudAudit": {
|
| - "$ref": "CloudAuditOptions",
|
| - "description": "Cloud audit options."
|
| - },
|
| - "counter": {
|
| - "$ref": "CounterOptions",
|
| - "description": "Counter options."
|
| - },
|
| - "dataAccess": {
|
| - "$ref": "DataAccessOptions",
|
| - "description": "Data access options."
|
| - }
|
| - },
|
| - "type": "object"
|
| - },
|
| - "TestIamPermissionsRequest": {
|
| - "description": "Request message for `TestIamPermissions` method.",
|
| - "id": "TestIamPermissionsRequest",
|
| - "properties": {
|
| - "permissions": {
|
| - "description": "The set of permissions to check for the `resource`. Permissions with\nwildcards (such as '*' or 'storage.*') are not allowed. For more\ninformation see\n[IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).",
|
| - "items": {
|
| - "type": "string"
|
| - },
|
| - "type": "array"
|
| - }
|
| - },
|
| - "type": "object"
|
| - },
|
| - "Policy": {
|
| - "description": "Defines an Identity and Access Management (IAM) policy. It is used to\nspecify access control policies for Cloud Platform resources.\n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of\n`members` to a `role`, where the members can be user accounts, Google groups,\nGoogle domains, and service accounts. A `role` is a named list of permissions\ndefined by IAM.\n\n**Example**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/owner\",\n \"members\": [\n \"user:mike@example.com\",\n \"group:admins@example.com\",\n \"domain:google.com\",\n \"serviceAccount:my-other-app@appspot.gserviceaccount.com\",\n ]\n },\n {\n \"role\": \"roles/viewer\",\n \"members\": [\"user:sean@example.com\"]\n }\n ]\n }\n\nFor a description of IAM and its features, see the\n[IAM developer's guide](https://cloud.google.com/iam).",
|
| - "id": "Policy",
|
| - "properties": {
|
| - "version": {
|
| - "description": "Version of the `Policy`. The default version is 0.",
|
| - "format": "int32",
|
| - "type": "integer"
|
| - },
|
| - "auditConfigs": {
|
| - "description": "Specifies cloud audit logging configuration for this policy.",
|
| - "items": {
|
| - "$ref": "AuditConfig"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "bindings": {
|
| - "description": "Associates a list of `members` to a `role`.\nMultiple `bindings` must not be specified for the same `role`.\n`bindings` with no members will result in an error.",
|
| - "items": {
|
| - "$ref": "Binding"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "etag": {
|
| - "description": "`etag` is used for optimistic concurrency control as a way to help\nprevent simultaneous updates of a policy from overwriting each other.\nIt is strongly suggested that systems make use of the `etag` in the\nread-modify-write cycle to perform policy updates in order to avoid race\nconditions: An `etag` is returned in the response to `getIamPolicy`, and\nsystems are expected to put that etag in the request to `setIamPolicy` to\nensure that their change will be applied to the same version of the policy.\n\nIf no `etag` is provided in the call to `setIamPolicy`, then the existing\npolicy is overwritten blindly.",
|
| - "format": "byte",
|
| - "type": "string"
|
| - },
|
| - "iamOwned": {
|
| - "type": "boolean"
|
| - },
|
| - "rules": {
|
| - "description": "If more than one rule is specified, the rules are applied in the following\nmanner:\n- All matching LOG rules are always applied.\n- If any DENY/DENY_WITH_LOG rule matches, permission is denied.\n Logging will be applied if one or more matching rule requires logging.\n- Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is\n granted.\n Logging will be applied if one or more matching rule requires logging.\n- Otherwise, if no rule applies, permission is denied.",
|
| - "items": {
|
| - "$ref": "Rule"
|
| - },
|
| - "type": "array"
|
| - }
|
| - },
|
| - "type": "object"
|
| - },
|
| - "DataAccessOptions": {
|
| - "description": "Write a Data Access (Gin) log",
|
| - "id": "DataAccessOptions",
|
| - "properties": {},
|
| - "type": "object"
|
| - },
|
| - "AuditConfig": {
|
| - "description": "Specifies the audit configuration for a service.\nThe configuration determines which permission types are logged, and what\nidentities, if any, are exempted from logging.\nAn AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_types\nspecified in each AuditConfig are enabled, and the exempted_members in each\nAuditConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n {\n \"audit_configs\": [\n {\n \"service\": \"allServices\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:foo@gmail.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n },\n {\n \"log_type\": \"ADMIN_READ\",\n }\n ]\n },\n {\n \"service\": \"fooservice.googleapis.com\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n },\n {\n \"log_type\": \"DATA_WRITE\",\n \"exempted_members\": [\n \"user:bar@gmail.com\"\n ]\n }\n ]\n }\n ]\n }\n\nFor fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts foo@gmail.com from DATA_READ logging, and\nbar@gmail.com from DATA_WRITE logging.",
|
| - "id": "AuditConfig",
|
| - "properties": {
|
| - "auditLogConfigs": {
|
| - "description": "The configuration for logging of each type of permission.\nNext ID: 4",
|
| - "items": {
|
| - "$ref": "AuditLogConfig"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "exemptedMembers": {
|
| - "items": {
|
| - "type": "string"
|
| - },
|
| - "type": "array"
|
| - },
|
| - "service": {
|
| - "description": "Specifies a service that will be enabled for audit logging.\nFor example, `storage.googleapis.com`, `cloudsql.googleapis.com`.\n`allServices` is a special value that covers all services.",
|
| - "type": "string"
|
| - }
|
| - },
|
| - "type": "object"
|
| - },
|
| - "SetIamPolicyRequest": {
|
| - "description": "Request message for `SetIamPolicy` method.",
|
| - "id": "SetIamPolicyRequest",
|
| - "properties": {
|
| - "updateMask": {
|
| - "description": "OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only\nthe fields in the mask will be modified. If no mask is provided, the\nfollowing default mask is used:\npaths: \"bindings, etag\"\nThis field is only used by Cloud IAM.",
|
| - "format": "google-fieldmask",
|
| - "type": "string"
|
| - },
|
| - "policy": {
|
| - "$ref": "Policy",
|
| - "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of\nthe policy is limited to a few 10s of KB. An empty policy is a\nvalid policy but certain Cloud Platform services (such as Projects)\nmight reject them."
|
| - }
|
| - },
|
| - "type": "object"
|
| - },
|
| - "CloudAuditOptions": {
|
| - "description": "Write a Cloud Audit log",
|
| - "id": "CloudAuditOptions",
|
| - "properties": {
|
| - "logName": {
|
| - "description": "The log_name to populate in the Cloud Audit Record.",
|
| - "enum": [
|
| - "UNSPECIFIED_LOG_NAME",
|
| - "ADMIN_ACTIVITY",
|
| - "DATA_ACCESS"
|
| - ],
|
| - "enumDescriptions": [
|
| - "Default. Should not be used.",
|
| - "Corresponds to \"cloudaudit.googleapis.com/activity\"",
|
| - "Corresponds to \"cloudaudit.googleapis.com/data_access\""
|
| - ],
|
| - "type": "string"
|
| - }
|
| - },
|
| - "type": "object"
|
| - },
|
| - "Binding": {
|
| - "description": "Associates `members` with a `role`.",
|
| - "id": "Binding",
|
| + "Binding": {
|
| + "description": "Associates `members` with a `role`.",
|
| + "id": "Binding",
|
| "properties": {
|
| "members": {
|
| "description": "Specifies the identities requesting access for a Cloud Platform resource.\n`members` can have the following values:\n\n* `allUsers`: A special identifier that represents anyone who is\n on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special identifier that represents anyone\n who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a specific Google\n account. For example, `alice@gmail.com` or `joe@example.com`.\n\n\n* `serviceAccount:{emailid}`: An email address that represents a service\n account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{emailid}`: An email address that represents a Google group.\n For example, `admins@example.com`.\n\n\n* `domain:{domain}`: A Google Apps domain name that represents all the\n users of that domain. For example, `google.com` or `example.com`.\n\n",
|
| @@ -589,10 +419,20 @@
|
| },
|
| "type": "object"
|
| },
|
| + "Empty": {
|
| + "description": "A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use it as the request\nor the response type of an API method. For instance:\n\n service Foo {\n rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);\n }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.",
|
| + "id": "Empty",
|
| + "properties": {},
|
| + "type": "object"
|
| + },
|
| "MirrorConfig": {
|
| "description": "Configuration to automatically mirror a repository from another\nhosting service, for example GitHub or BitBucket.",
|
| "id": "MirrorConfig",
|
| "properties": {
|
| + "deployKeyId": {
|
| + "description": "ID of the SSH deploy key at the other hosting service.\nRemoving this key from the other service would deauthorize\nGoogle Cloud Source Repositories from mirroring.",
|
| + "type": "string"
|
| + },
|
| "url": {
|
| "description": "URL of the main repository at the other hosting service.",
|
| "type": "string"
|
| @@ -600,32 +440,14 @@
|
| "webhookId": {
|
| "description": "ID of the webhook listening to updates to trigger mirroring.\nRemoving this webook from the other hosting service will stop\nGoogle Cloud Source Repositories from receiving notifications,\nand thereby disabling mirroring.",
|
| "type": "string"
|
| - },
|
| - "deployKeyId": {
|
| - "description": "ID of the SSH deploy key at the other hosting service.\nRemoving this key from the other service would deauthorize\nGoogle Cloud Source Repositories from mirroring.",
|
| - "type": "string"
|
| }
|
| },
|
| "type": "object"
|
| },
|
| - "Empty": {
|
| - "description": "A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use it as the request\nor the response type of an API method. For instance:\n\n service Foo {\n rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);\n }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.",
|
| - "id": "Empty",
|
| - "properties": {},
|
| - "type": "object"
|
| - },
|
| "Repo": {
|
| "description": "A repository (or repo) is a Git repository storing versioned source content.",
|
| "id": "Repo",
|
| "properties": {
|
| - "name": {
|
| - "description": "Resource name of the repository, of the form\n`projects/<project>/repos/<repo>`. The repo name may contain slashes.\neg, `projects/myproject/repos/name/with/slash`",
|
| - "type": "string"
|
| - },
|
| - "mirrorConfig": {
|
| - "$ref": "MirrorConfig",
|
| - "description": "How this repository mirrors a repository managed by another service."
|
| - },
|
| "url": {
|
| "description": "URL to clone the repository from Google Cloud Source Repositories.",
|
| "type": "string"
|
| @@ -634,6 +456,28 @@
|
| "description": "The disk usage of the repo, in bytes.\nOnly returned by GetRepo.",
|
| "format": "int64",
|
| "type": "string"
|
| + },
|
| + "name": {
|
| + "description": "Resource name of the repository, of the form\n`projects/<project>/repos/<repo>`. The repo name may contain slashes.\neg, `projects/myproject/repos/name/with/slash`",
|
| + "type": "string"
|
| + },
|
| + "mirrorConfig": {
|
| + "$ref": "MirrorConfig",
|
| + "description": "How this repository mirrors a repository managed by another service."
|
| + }
|
| + },
|
| + "type": "object"
|
| + },
|
| + "TestIamPermissionsResponse": {
|
| + "description": "Response message for `TestIamPermissions` method.",
|
| + "id": "TestIamPermissionsResponse",
|
| + "properties": {
|
| + "permissions": {
|
| + "description": "A subset of `TestPermissionsRequest.permissions` that the caller is\nallowed.",
|
| + "items": {
|
| + "type": "string"
|
| + },
|
| + "type": "array"
|
| }
|
| },
|
| "type": "object"
|
| @@ -660,6 +504,39 @@
|
| "description": "A condition to be met.",
|
| "id": "Condition",
|
| "properties": {
|
| + "svc": {
|
| + "description": "Trusted attributes discharged by the service.",
|
| + "type": "string"
|
| + },
|
| + "value": {
|
| + "description": "DEPRECATED. Use 'values' instead.",
|
| + "type": "string"
|
| + },
|
| + "sys": {
|
| + "description": "Trusted attributes supplied by any service that owns resources and uses\nthe IAM system for access control.",
|
| + "enum": [
|
| + "NO_ATTR",
|
| + "REGION",
|
| + "SERVICE",
|
| + "NAME",
|
| + "IP"
|
| + ],
|
| + "enumDescriptions": [
|
| + "Default non-attribute type",
|
| + "Region of the resource",
|
| + "Service name",
|
| + "Resource name",
|
| + "IP address of the caller"
|
| + ],
|
| + "type": "string"
|
| + },
|
| + "values": {
|
| + "description": "The objects of the condition. This is mutually exclusive with 'value'.",
|
| + "items": {
|
| + "type": "string"
|
| + },
|
| + "type": "array"
|
| + },
|
| "iam": {
|
| "description": "Trusted attributes supplied by the IAM system.",
|
| "enum": [
|
| @@ -678,13 +555,6 @@
|
| ],
|
| "type": "string"
|
| },
|
| - "values": {
|
| - "description": "The objects of the condition. This is mutually exclusive with 'value'.",
|
| - "items": {
|
| - "type": "string"
|
| - },
|
| - "type": "array"
|
| - },
|
| "op": {
|
| "description": "An operator to apply the subject with.",
|
| "enum": [
|
| @@ -704,42 +574,146 @@
|
| "Subject is discharged"
|
| ],
|
| "type": "string"
|
| + }
|
| + },
|
| + "type": "object"
|
| + },
|
| + "CounterOptions": {
|
| + "description": "Options for counters",
|
| + "id": "CounterOptions",
|
| + "properties": {
|
| + "field": {
|
| + "description": "The field value to attribute.",
|
| + "type": "string"
|
| },
|
| - "svc": {
|
| - "description": "Trusted attributes discharged by the service.",
|
| + "metric": {
|
| + "description": "The metric to update.",
|
| "type": "string"
|
| + }
|
| + },
|
| + "type": "object"
|
| + },
|
| + "AuditLogConfig": {
|
| + "description": "Provides the configuration for logging a type of permissions.\nExample:\n\n {\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:foo@gmail.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n }\n ]\n }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting\nfoo@gmail.com from DATA_READ logging.",
|
| + "id": "AuditLogConfig",
|
| + "properties": {
|
| + "exemptedMembers": {
|
| + "description": "Specifies the identities that do not cause logging for this type of\npermission.\nFollows the same format of Binding.members.",
|
| + "items": {
|
| + "type": "string"
|
| + },
|
| + "type": "array"
|
| },
|
| - "sys": {
|
| - "description": "Trusted attributes supplied by any service that owns resources and uses\nthe IAM system for access control.",
|
| + "logType": {
|
| + "description": "The log type that this config enables.",
|
| "enum": [
|
| - "NO_ATTR",
|
| - "REGION",
|
| - "SERVICE",
|
| - "NAME",
|
| - "IP"
|
| + "LOG_TYPE_UNSPECIFIED",
|
| + "ADMIN_READ",
|
| + "DATA_WRITE",
|
| + "DATA_READ"
|
| ],
|
| "enumDescriptions": [
|
| - "Default non-attribute type",
|
| - "Region of the resource",
|
| - "Service name",
|
| - "Resource name",
|
| - "IP address of the caller"
|
| + "Default case. Should never be this.",
|
| + "Admin reads. Example: CloudIAM getIamPolicy",
|
| + "Data writes. Example: CloudSQL Users create",
|
| + "Data reads. Example: CloudSQL Users list"
|
| ],
|
| "type": "string"
|
| + }
|
| + },
|
| + "type": "object"
|
| + },
|
| + "Rule": {
|
| + "description": "A rule to be applied in a Policy.",
|
| + "id": "Rule",
|
| + "properties": {
|
| + "logConfig": {
|
| + "description": "The config returned to callers of tech.iam.IAM.CheckPolicy for any entries\nthat match the LOG action.",
|
| + "items": {
|
| + "$ref": "LogConfig"
|
| + },
|
| + "type": "array"
|
| },
|
| - "value": {
|
| - "description": "DEPRECATED. Use 'values' instead.",
|
| + "in": {
|
| + "description": "If one or more 'in' clauses are specified, the rule matches if\nthe PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
|
| + "items": {
|
| + "type": "string"
|
| + },
|
| + "type": "array"
|
| + },
|
| + "permissions": {
|
| + "description": "A permission is a string of form '<service>.<resource type>.<verb>'\n(e.g., 'storage.buckets.list'). A value of '*' matches all permissions,\nand a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
|
| + "items": {
|
| + "type": "string"
|
| + },
|
| + "type": "array"
|
| + },
|
| + "action": {
|
| + "description": "Required",
|
| + "enum": [
|
| + "NO_ACTION",
|
| + "ALLOW",
|
| + "ALLOW_WITH_LOG",
|
| + "DENY",
|
| + "DENY_WITH_LOG",
|
| + "LOG"
|
| + ],
|
| + "enumDescriptions": [
|
| + "Default no action.",
|
| + "Matching 'Entries' grant access.",
|
| + "Matching 'Entries' grant access and the caller promises to log\nthe request per the returned log_configs.",
|
| + "Matching 'Entries' deny access.",
|
| + "Matching 'Entries' deny access and the caller promises to log\nthe request per the returned log_configs.",
|
| + "Matching 'Entries' tell IAM.Check callers to generate logs."
|
| + ],
|
| "type": "string"
|
| + },
|
| + "notIn": {
|
| + "description": "If one or more 'not_in' clauses are specified, the rule matches\nif the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.\nThe format for in and not_in entries is the same as for members in a\nBinding (see google/iam/v1/policy.proto).",
|
| + "items": {
|
| + "type": "string"
|
| + },
|
| + "type": "array"
|
| + },
|
| + "description": {
|
| + "description": "Human-readable description of the rule.",
|
| + "type": "string"
|
| + },
|
| + "conditions": {
|
| + "description": "Additional restrictions that must be met",
|
| + "items": {
|
| + "$ref": "Condition"
|
| + },
|
| + "type": "array"
|
| }
|
| },
|
| "type": "object"
|
| },
|
| - "TestIamPermissionsResponse": {
|
| - "description": "Response message for `TestIamPermissions` method.",
|
| - "id": "TestIamPermissionsResponse",
|
| + "LogConfig": {
|
| + "description": "Specifies what kind of log the caller must write",
|
| + "id": "LogConfig",
|
| + "properties": {
|
| + "counter": {
|
| + "$ref": "CounterOptions",
|
| + "description": "Counter options."
|
| + },
|
| + "dataAccess": {
|
| + "$ref": "DataAccessOptions",
|
| + "description": "Data access options."
|
| + },
|
| + "cloudAudit": {
|
| + "$ref": "CloudAuditOptions",
|
| + "description": "Cloud audit options."
|
| + }
|
| + },
|
| + "type": "object"
|
| + },
|
| + "TestIamPermissionsRequest": {
|
| + "description": "Request message for `TestIamPermissions` method.",
|
| + "id": "TestIamPermissionsRequest",
|
| "properties": {
|
| "permissions": {
|
| - "description": "A subset of `TestPermissionsRequest.permissions` that the caller is\nallowed.",
|
| + "description": "The set of permissions to check for the `resource`. Permissions with\nwildcards (such as '*' or 'storage.*') are not allowed. For more\ninformation see\n[IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).",
|
| "items": {
|
| "type": "string"
|
| },
|
| @@ -748,16 +722,42 @@
|
| },
|
| "type": "object"
|
| },
|
| - "CounterOptions": {
|
| - "description": "Options for counters",
|
| - "id": "CounterOptions",
|
| + "Policy": {
|
| + "description": "Defines an Identity and Access Management (IAM) policy. It is used to\nspecify access control policies for Cloud Platform resources.\n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of\n`members` to a `role`, where the members can be user accounts, Google groups,\nGoogle domains, and service accounts. A `role` is a named list of permissions\ndefined by IAM.\n\n**Example**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/owner\",\n \"members\": [\n \"user:mike@example.com\",\n \"group:admins@example.com\",\n \"domain:google.com\",\n \"serviceAccount:my-other-app@appspot.gserviceaccount.com\",\n ]\n },\n {\n \"role\": \"roles/viewer\",\n \"members\": [\"user:sean@example.com\"]\n }\n ]\n }\n\nFor a description of IAM and its features, see the\n[IAM developer's guide](https://cloud.google.com/iam).",
|
| + "id": "Policy",
|
| "properties": {
|
| - "metric": {
|
| - "description": "The metric to update.",
|
| - "type": "string"
|
| + "iamOwned": {
|
| + "type": "boolean"
|
| },
|
| - "field": {
|
| - "description": "The field value to attribute.",
|
| + "rules": {
|
| + "description": "If more than one rule is specified, the rules are applied in the following\nmanner:\n- All matching LOG rules are always applied.\n- If any DENY/DENY_WITH_LOG rule matches, permission is denied.\n Logging will be applied if one or more matching rule requires logging.\n- Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is\n granted.\n Logging will be applied if one or more matching rule requires logging.\n- Otherwise, if no rule applies, permission is denied.",
|
| + "items": {
|
| + "$ref": "Rule"
|
| + },
|
| + "type": "array"
|
| + },
|
| + "version": {
|
| + "description": "Version of the `Policy`. The default version is 0.",
|
| + "format": "int32",
|
| + "type": "integer"
|
| + },
|
| + "auditConfigs": {
|
| + "description": "Specifies cloud audit logging configuration for this policy.",
|
| + "items": {
|
| + "$ref": "AuditConfig"
|
| + },
|
| + "type": "array"
|
| + },
|
| + "bindings": {
|
| + "description": "Associates a list of `members` to a `role`.\nMultiple `bindings` must not be specified for the same `role`.\n`bindings` with no members will result in an error.",
|
| + "items": {
|
| + "$ref": "Binding"
|
| + },
|
| + "type": "array"
|
| + },
|
| + "etag": {
|
| + "description": "`etag` is used for optimistic concurrency control as a way to help\nprevent simultaneous updates of a policy from overwriting each other.\nIt is strongly suggested that systems make use of the `etag` in the\nread-modify-write cycle to perform policy updates in order to avoid race\nconditions: An `etag` is returned in the response to `getIamPolicy`, and\nsystems are expected to put that etag in the request to `setIamPolicy` to\nensure that their change will be applied to the same version of the policy.\n\nIf no `etag` is provided in the call to `setIamPolicy`, then the existing\npolicy is overwritten blindly.",
|
| + "format": "byte",
|
| "type": "string"
|
| }
|
| },
|
|
|
Chromium Code Reviews
Issue 2973303002:
Api-Roll 51: 2017-07-10 (Closed)
