Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(86)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: discovery/googleapis/cloudresourcemanager__v1.json

Issue 3003493002: Api-Roll 53: 2017-08-21 (Closed)
Patch Set: Created 3 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « discovery/googleapis/cloudkms__v1.json ('k') | discovery/googleapis/cloudresourcemanager__v2beta1.json » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 { 1 {
2 "auth": { 2 "auth": {
3 "oauth2": { 3 "oauth2": {
4 "scopes": { 4 "scopes": {
5 "https://www.googleapis.com/auth/cloud-platform.read-only": { 5 "https://www.googleapis.com/auth/cloud-platform.read-only": {
6 "description": "View your data across Google Cloud Platform services" 6 "description": "View your data across Google Cloud Platform services"
7 }, 7 },
8 "https://www.googleapis.com/auth/cloud-platform": { 8 "https://www.googleapis.com/auth/cloud-platform": {
9 "description": "View and manage your data across Google Clou d Platform services" 9 "description": "View and manage your data across Google Clou d Platform services"
10 } 10 }
(...skipping 10 matching lines...) Expand all
21 "icons": { 21 "icons": {
22 "x16": "http://www.google.com/images/icons/product/search-16.gif", 22 "x16": "http://www.google.com/images/icons/product/search-16.gif",
23 "x32": "http://www.google.com/images/icons/product/search-32.gif" 23 "x32": "http://www.google.com/images/icons/product/search-32.gif"
24 }, 24 },
25 "id": "cloudresourcemanager:v1", 25 "id": "cloudresourcemanager:v1",
26 "kind": "discovery#restDescription", 26 "kind": "discovery#restDescription",
27 "name": "cloudresourcemanager", 27 "name": "cloudresourcemanager",
28 "ownerDomain": "google.com", 28 "ownerDomain": "google.com",
29 "ownerName": "Google", 29 "ownerName": "Google",
30 "parameters": { 30 "parameters": {
31 "access_token": {
32 "description": "OAuth access token.",
33 "location": "query",
34 "type": "string"
35 },
31 "key": { 36 "key": {
32 "description": "API key. Your API key identifies your project and pr ovides you with API access, quota, and reports. Required unless you provide an O Auth 2.0 token.", 37 "description": "API key. Your API key identifies your project and pr ovides you with API access, quota, and reports. Required unless you provide an O Auth 2.0 token.",
33 "location": "query", 38 "location": "query",
34 "type": "string" 39 "type": "string"
35 }, 40 },
36 "access_token": {
37 "description": "OAuth access token.",
38 "location": "query",
39 "type": "string"
40 },
41 "quotaUser": { 41 "quotaUser": {
42 "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exc eed 40 characters.", 42 "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exc eed 40 characters.",
43 "location": "query", 43 "location": "query",
44 "type": "string" 44 "type": "string"
45 }, 45 },
46 "pp": { 46 "pp": {
47 "default": "true", 47 "default": "true",
48 "description": "Pretty-print response.", 48 "description": "Pretty-print response.",
49 "location": "query", 49 "location": "query",
50 "type": "boolean" 50 "type": "boolean"
51 }, 51 },
52 "oauth_token": {
53 "description": "OAuth 2.0 token for the current user.",
54 "location": "query",
55 "type": "string"
56 },
52 "bearer_token": { 57 "bearer_token": {
53 "description": "OAuth bearer token.", 58 "description": "OAuth bearer token.",
54 "location": "query", 59 "location": "query",
55 "type": "string" 60 "type": "string"
56 }, 61 },
57 "oauth_token": {
58 "description": "OAuth 2.0 token for the current user.",
59 "location": "query",
60 "type": "string"
61 },
62 "upload_protocol": { 62 "upload_protocol": {
63 "description": "Upload protocol for media (e.g. \"raw\", \"multipart \").", 63 "description": "Upload protocol for media (e.g. \"raw\", \"multipart \").",
64 "location": "query", 64 "location": "query",
65 "type": "string" 65 "type": "string"
66 }, 66 },
67 "prettyPrint": { 67 "prettyPrint": {
68 "default": "true", 68 "default": "true",
69 "description": "Returns response with indentations and line breaks." , 69 "description": "Returns response with indentations and line breaks." ,
70 "location": "query", 70 "location": "query",
71 "type": "boolean" 71 "type": "boolean"
72 }, 72 },
73 "uploadType": {
74 "description": "Legacy upload protocol for media (e.g. \"media\", \" multipart\").",
75 "location": "query",
76 "type": "string"
77 },
73 "fields": { 78 "fields": {
74 "description": "Selector specifying which fields to include in a par tial response.", 79 "description": "Selector specifying which fields to include in a par tial response.",
75 "location": "query", 80 "location": "query",
76 "type": "string" 81 "type": "string"
77 }, 82 },
78 "uploadType": { 83 "callback": {
79 "description": "Legacy upload protocol for media (e.g. \"media\", \" multipart\").", 84 "description": "JSONP",
80 "location": "query", 85 "location": "query",
81 "type": "string" 86 "type": "string"
82 }, 87 },
83 "$.xgafv": { 88 "$.xgafv": {
84 "description": "V1 error format.", 89 "description": "V1 error format.",
85 "enum": [ 90 "enum": [
86 "1", 91 "1",
87 "2" 92 "2"
88 ], 93 ],
89 "enumDescriptions": [ 94 "enumDescriptions": [
90 "v1 error format", 95 "v1 error format",
91 "v2 error format" 96 "v2 error format"
92 ], 97 ],
93 "location": "query", 98 "location": "query",
94 "type": "string" 99 "type": "string"
95 }, 100 },
96 "callback": {
97 "description": "JSONP",
98 "location": "query",
99 "type": "string"
100 },
101 "alt": { 101 "alt": {
102 "default": "json", 102 "default": "json",
103 "description": "Data format for response.", 103 "description": "Data format for response.",
104 "enum": [ 104 "enum": [
105 "json", 105 "json",
106 "media", 106 "media",
107 "proto" 107 "proto"
108 ], 108 ],
109 "enumDescriptions": [ 109 "enumDescriptions": [
110 "Responses with Content-Type of application/json", 110 "Responses with Content-Type of application/json",
111 "Media download with context-dependent Content-Type", 111 "Media download with context-dependent Content-Type",
112 "Responses with Content-Type of application/x-protobuf" 112 "Responses with Content-Type of application/x-protobuf"
113 ], 113 ],
114 "location": "query", 114 "location": "query",
115 "type": "string" 115 "type": "string"
116 } 116 }
117 }, 117 },
118 "protocol": "rest", 118 "protocol": "rest",
119 "resources": { 119 "resources": {
120 "organizations": { 120 "projects": {
121 "methods": { 121 "methods": {
122 "get": {
123 "description": "Retrieves the Project identified by the spec ified\n`project_id` (for example, `my-project-123`).\n\nThe caller must have rea d permissions for this Project.",
124 "httpMethod": "GET",
125 "id": "cloudresourcemanager.projects.get",
126 "parameterOrder": [
127 "projectId"
128 ],
129 "parameters": {
130 "projectId": {
131 "description": "The Project ID (for example, `my-pro ject-123`).\n\nRequired.",
132 "location": "path",
133 "required": true,
134 "type": "string"
135 }
136 },
137 "path": "v1/projects/{projectId}",
138 "response": {
139 "$ref": "Project"
140 },
141 "scopes": [
142 "https://www.googleapis.com/auth/cloud-platform",
143 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
144 ]
145 },
146 "getAncestry": {
147 "description": "Gets a list of ancestors in the resource hie rarchy for the Project\nidentified by the specified `project_id` (for example, ` my-project-123`).\n\nThe caller must have read permissions for this Project.",
148 "httpMethod": "POST",
149 "id": "cloudresourcemanager.projects.getAncestry",
150 "parameterOrder": [
151 "projectId"
152 ],
153 "parameters": {
154 "projectId": {
155 "description": "The Project ID (for example, `my-pro ject-123`).\n\nRequired.",
156 "location": "path",
157 "required": true,
158 "type": "string"
159 }
160 },
161 "path": "v1/projects/{projectId}:getAncestry",
162 "request": {
163 "$ref": "GetAncestryRequest"
164 },
165 "response": {
166 "$ref": "GetAncestryResponse"
167 },
168 "scopes": [
169 "https://www.googleapis.com/auth/cloud-platform",
170 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
171 ]
172 },
173 "testIamPermissions": {
174 "description": "Returns permissions that a caller has on the specified Project.\n\nThere are no permissions required for making this API cal l.",
175 "httpMethod": "POST",
176 "id": "cloudresourcemanager.projects.testIamPermissions",
177 "parameterOrder": [
178 "resource"
179 ],
180 "parameters": {
181 "resource": {
182 "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appr opriate value for this field.",
183 "location": "path",
184 "required": true,
185 "type": "string"
186 }
187 },
188 "path": "v1/projects/{resource}:testIamPermissions",
189 "request": {
190 "$ref": "TestIamPermissionsRequest"
191 },
192 "response": {
193 "$ref": "TestIamPermissionsResponse"
194 },
195 "scopes": [
196 "https://www.googleapis.com/auth/cloud-platform",
197 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
198 ]
199 },
200 "delete": {
201 "description": "Marks the Project identified by the specifie d\n`project_id` (for example, `my-project-123`) for deletion.\nThis method will only affect the Project if the following criteria are met:\n\n+ The Project does not have a billing account associated with it.\n+ The Project has a lifecycle s tate of\nACTIVE.\n\nThis method changes the Project's lifecycle state from\nACTI VE\nto DELETE_REQUESTED.\nThe deletion starts at an unspecified time,\nat which point the Project is no longer accessible.\n\nUntil the deletion completes, you can check the lifecycle state\nchecked by retrieving the Project with GetProject ,\nand the Project remains visible to ListProjects.\nHowever, you cannot update the project.\n\nAfter the deletion completes, the Project is not retrievable by\ nthe GetProject and\nListProjects methods.\n\nThe caller must have modify permi ssions for this Project.",
202 "httpMethod": "DELETE",
203 "id": "cloudresourcemanager.projects.delete",
204 "parameterOrder": [
205 "projectId"
206 ],
207 "parameters": {
208 "projectId": {
209 "description": "The Project ID (for example, `foo-ba r-123`).\n\nRequired.",
210 "location": "path",
211 "required": true,
212 "type": "string"
213 }
214 },
215 "path": "v1/projects/{projectId}",
216 "response": {
217 "$ref": "Empty"
218 },
219 "scopes": [
220 "https://www.googleapis.com/auth/cloud-platform"
221 ]
222 },
122 "clearOrgPolicy": { 223 "clearOrgPolicy": {
123 "description": "Clears a `Policy` from a resource.", 224 "description": "Clears a `Policy` from a resource.",
124 "httpMethod": "POST", 225 "httpMethod": "POST",
125 "id": "cloudresourcemanager.organizations.clearOrgPolicy", 226 "id": "cloudresourcemanager.projects.clearOrgPolicy",
126 "parameterOrder": [ 227 "parameterOrder": [
127 "resource" 228 "resource"
128 ], 229 ],
129 "parameters": { 230 "parameters": {
130 "resource": { 231 "resource": {
131 "description": "Name of the resource for the `Policy ` to clear.", 232 "description": "Name of the resource for the `Policy ` to clear.",
132 "location": "path", 233 "location": "path",
133 "pattern": "^organizations/[^/]+$", 234 "pattern": "^projects/[^/]+$",
134 "required": true, 235 "required": true,
135 "type": "string" 236 "type": "string"
136 } 237 }
137 }, 238 },
138 "path": "v1/{+resource}:clearOrgPolicy", 239 "path": "v1/{+resource}:clearOrgPolicy",
139 "request": { 240 "request": {
140 "$ref": "ClearOrgPolicyRequest" 241 "$ref": "ClearOrgPolicyRequest"
141 }, 242 },
142 "response": { 243 "response": {
143 "$ref": "Empty" 244 "$ref": "Empty"
144 }, 245 },
145 "scopes": [ 246 "scopes": [
146 "https://www.googleapis.com/auth/cloud-platform" 247 "https://www.googleapis.com/auth/cloud-platform"
147 ] 248 ]
148 }, 249 },
149 "setOrgPolicy": { 250 "setIamPolicy": {
150 "description": "Updates the specified `Policy` on the resour ce. Creates a new `Policy` for\nthat `Constraint` on the resource if one does no t exist.\n\nNot supplying an `etag` on the request `Policy` results in an uncond itional\nwrite of the `Policy`.", 251 "description": "Sets the IAM access control policy for the s pecified Project. Replaces\nany existing policy.\n\nThe following constraints ap ply when using `setIamPolicy()`:\n\n+ Project does not support `allUsers` and `a llAuthenticatedUsers` as\n`members` in a `Binding` of a `Policy`.\n\n+ The owner role can be granted only to `user` and `serviceAccount`.\n\n+ Service accounts can be made owners of a project directly\nwithout any restrictions. However, to be added as an owner, a user must be\ninvited via Cloud Platform console and mus t accept the invitation.\n\n+ A user cannot be granted the owner role using `set IamPolicy()`. The user\nmust be granted the owner role using the Cloud Platform Console and must\nexplicitly accept the invitation.\n\n+ Invitations to grant th e owner role cannot be sent using\n`setIamPolicy()`;\nthey must be sent only usi ng the Cloud Platform Console.\n\n+ Membership changes that leave the project wi thout any owners that have\naccepted the Terms of Service (ToS) will be rejected .\n\n+ If the project is not part of an organization, there must be at least\non e owner who has accepted the Terms of Service (ToS) agreement in the\npolicy. Ca lling `setIamPolicy()` to remove the last ToS-accepted owner\nfrom the policy wi ll fail. This restriction also applies to legacy\nprojects that no longer have o wners who have accepted the ToS. Edits to\nIAM policies will be rejected until t he lack of a ToS-accepting owner is\nrectified.\n\n+ Calling this method require s enabling the App Engine Admin API.\n\nNote: Removing service accounts from pol icies or changing their roles\ncan render services completely inoperable. It is important to understand\nhow the service account is being used before removing o r updating its\nroles.\n\nAuthorization requires the Google IAM permission\n`res ourcemanager.projects.setIamPolicy` on the project",
151 "httpMethod": "POST", 252 "httpMethod": "POST",
152 "id": "cloudresourcemanager.organizations.setOrgPolicy", 253 "id": "cloudresourcemanager.projects.setIamPolicy",
153 "parameterOrder": [
154 "resource"
155 ],
156 "parameters": {
157 "resource": {
158 "description": "Resource name of the resource to att ach the `Policy`.",
159 "location": "path",
160 "pattern": "^organizations/[^/]+$",
161 "required": true,
162 "type": "string"
163 }
164 },
165 "path": "v1/{+resource}:setOrgPolicy",
166 "request": {
167 "$ref": "SetOrgPolicyRequest"
168 },
169 "response": {
170 "$ref": "OrgPolicy"
171 },
172 "scopes": [
173 "https://www.googleapis.com/auth/cloud-platform"
174 ]
175 },
176 "setIamPolicy": {
177 "description": "Sets the access control policy on an Organiz ation resource. Replaces any\nexisting policy. The `resource` field should be th e organization's resource\nname, e.g. \"organizations/123\".\n\nAuthorization re quires the Google IAM permission\n`resourcemanager.organizations.setIamPolicy` o n the specified organization",
178 "httpMethod": "POST",
179 "id": "cloudresourcemanager.organizations.setIamPolicy",
180 "parameterOrder": [ 254 "parameterOrder": [
181 "resource" 255 "resource"
182 ], 256 ],
183 "parameters": { 257 "parameters": {
184 "resource": { 258 "resource": {
185 "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.", 259 "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
186 "location": "path", 260 "location": "path",
187 "pattern": "^organizations/[^/]+$",
188 "required": true, 261 "required": true,
189 "type": "string" 262 "type": "string"
190 } 263 }
191 }, 264 },
192 "path": "v1/{+resource}:setIamPolicy", 265 "path": "v1/projects/{resource}:setIamPolicy",
193 "request": { 266 "request": {
194 "$ref": "SetIamPolicyRequest" 267 "$ref": "SetIamPolicyRequest"
195 }, 268 },
196 "response": { 269 "response": {
197 "$ref": "Policy" 270 "$ref": "Policy"
198 }, 271 },
199 "scopes": [ 272 "scopes": [
200 "https://www.googleapis.com/auth/cloud-platform" 273 "https://www.googleapis.com/auth/cloud-platform"
201 ] 274 ]
202 }, 275 },
203 "listAvailableOrgPolicyConstraints": { 276 "listAvailableOrgPolicyConstraints": {
204 "description": "Lists `Constraints` that could be applied on the specified resource.", 277 "description": "Lists `Constraints` that could be applied on the specified resource.",
205 "httpMethod": "POST", 278 "httpMethod": "POST",
206 "id": "cloudresourcemanager.organizations.listAvailableOrgPo licyConstraints", 279 "id": "cloudresourcemanager.projects.listAvailableOrgPolicyC onstraints",
207 "parameterOrder": [ 280 "parameterOrder": [
208 "resource" 281 "resource"
209 ], 282 ],
210 "parameters": { 283 "parameters": {
211 "resource": { 284 "resource": {
212 "description": "Name of the resource to list `Constr aints` for.", 285 "description": "Name of the resource to list `Constr aints` for.",
213 "location": "path", 286 "location": "path",
214 "pattern": "^organizations/[^/]+$", 287 "pattern": "^projects/[^/]+$",
215 "required": true, 288 "required": true,
216 "type": "string" 289 "type": "string"
217 } 290 }
218 }, 291 },
219 "path": "v1/{+resource}:listAvailableOrgPolicyConstraints", 292 "path": "v1/{+resource}:listAvailableOrgPolicyConstraints",
220 "request": { 293 "request": {
221 "$ref": "ListAvailableOrgPolicyConstraintsRequest" 294 "$ref": "ListAvailableOrgPolicyConstraintsRequest"
222 }, 295 },
223 "response": { 296 "response": {
224 "$ref": "ListAvailableOrgPolicyConstraintsResponse" 297 "$ref": "ListAvailableOrgPolicyConstraintsResponse"
225 }, 298 },
226 "scopes": [ 299 "scopes": [
227 "https://www.googleapis.com/auth/cloud-platform", 300 "https://www.googleapis.com/auth/cloud-platform",
228 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
229 ]
230 },
231 "listOrgPolicies": {
232 "description": "Lists all the `Policies` set for a particula r resource.",
233 "httpMethod": "POST",
234 "id": "cloudresourcemanager.organizations.listOrgPolicies",
235 "parameterOrder": [
236 "resource"
237 ],
238 "parameters": {
239 "resource": {
240 "description": "Name of the resource to list Policie s for.",
241 "location": "path",
242 "pattern": "^organizations/[^/]+$",
243 "required": true,
244 "type": "string"
245 }
246 },
247 "path": "v1/{+resource}:listOrgPolicies",
248 "request": {
249 "$ref": "ListOrgPoliciesRequest"
250 },
251 "response": {
252 "$ref": "ListOrgPoliciesResponse"
253 },
254 "scopes": [
255 "https://www.googleapis.com/auth/cloud-platform",
256 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 301 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
257 ] 302 ]
258 }, 303 },
259 "getIamPolicy": { 304 "getIamPolicy": {
260 "description": "Gets the access control policy for an Organi zation resource. May be empty\nif no such policy or resource exists. The `resour ce` field should be the\norganization's resource name, e.g. \"organizations/123\ ".\n\nAuthorization requires the Google IAM permission\n`resourcemanager.organiz ations.getIamPolicy` on the specified organization", 305 "description": "Returns the IAM access control policy for th e specified Project.\nPermission is denied if the policy or the resource does no t exist.\n\nAuthorization requires the Google IAM permission\n`resourcemanager.p rojects.getIamPolicy` on the project",
261 "httpMethod": "POST", 306 "httpMethod": "POST",
262 "id": "cloudresourcemanager.organizations.getIamPolicy", 307 "id": "cloudresourcemanager.projects.getIamPolicy",
263 "parameterOrder": [ 308 "parameterOrder": [
264 "resource" 309 "resource"
265 ], 310 ],
266 "parameters": { 311 "parameters": {
267 "resource": { 312 "resource": {
268 "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.", 313 "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
269 "location": "path", 314 "location": "path",
270 "pattern": "^organizations/[^/]+$",
271 "required": true, 315 "required": true,
272 "type": "string" 316 "type": "string"
273 } 317 }
274 }, 318 },
275 "path": "v1/{+resource}:getIamPolicy", 319 "path": "v1/projects/{resource}:getIamPolicy",
276 "request": { 320 "request": {
277 "$ref": "GetIamPolicyRequest" 321 "$ref": "GetIamPolicyRequest"
278 }, 322 },
279 "response": { 323 "response": {
280 "$ref": "Policy" 324 "$ref": "Policy"
281 }, 325 },
282 "scopes": [ 326 "scopes": [
283 "https://www.googleapis.com/auth/cloud-platform", 327 "https://www.googleapis.com/auth/cloud-platform",
284 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 328 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
285 ] 329 ]
286 }, 330 },
287 "search": {
288 "description": "Searches Organization resources that are vis ible to the user and satisfy\nthe specified filter. This method returns Organiza tions in an unspecified\norder. New Organizations do not necessarily appear at t he end of the\nresults.\n\nSearch will only return organizations on which the us er has the permission\n`resourcemanager.organizations.get`",
289 "httpMethod": "POST",
290 "id": "cloudresourcemanager.organizations.search",
291 "parameterOrder": [],
292 "parameters": {},
293 "path": "v1/organizations:search",
294 "request": {
295 "$ref": "SearchOrganizationsRequest"
296 },
297 "response": {
298 "$ref": "SearchOrganizationsResponse"
299 },
300 "scopes": [
301 "https://www.googleapis.com/auth/cloud-platform",
302 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
303 ]
304 },
305 "getOrgPolicy": { 331 "getOrgPolicy": {
306 "description": "Gets a `Policy` on a resource.\n\nIf no `Pol icy` is set on the resource, a `Policy` is returned with default\nvalues includi ng `POLICY_TYPE_NOT_SET` for the `policy_type oneof`. The\n`etag` value can be u sed with `SetOrgPolicy()` to create or update a\n`Policy` during read-modify-wri te.", 332 "description": "Gets a `Policy` on a resource.\n\nIf no `Pol icy` is set on the resource, a `Policy` is returned with default\nvalues includi ng `POLICY_TYPE_NOT_SET` for the `policy_type oneof`. The\n`etag` value can be u sed with `SetOrgPolicy()` to create or update a\n`Policy` during read-modify-wri te.",
307 "httpMethod": "POST", 333 "httpMethod": "POST",
308 "id": "cloudresourcemanager.organizations.getOrgPolicy", 334 "id": "cloudresourcemanager.projects.getOrgPolicy",
309 "parameterOrder": [ 335 "parameterOrder": [
310 "resource" 336 "resource"
311 ], 337 ],
312 "parameters": { 338 "parameters": {
313 "resource": { 339 "resource": {
314 "description": "Name of the resource the `Policy` is set on.", 340 "description": "Name of the resource the `Policy` is set on.",
315 "location": "path", 341 "location": "path",
316 "pattern": "^organizations/[^/]+$", 342 "pattern": "^projects/[^/]+$",
317 "required": true, 343 "required": true,
318 "type": "string" 344 "type": "string"
319 } 345 }
320 }, 346 },
321 "path": "v1/{+resource}:getOrgPolicy", 347 "path": "v1/{+resource}:getOrgPolicy",
322 "request": { 348 "request": {
323 "$ref": "GetOrgPolicyRequest" 349 "$ref": "GetOrgPolicyRequest"
324 }, 350 },
325 "response": { 351 "response": {
326 "$ref": "OrgPolicy" 352 "$ref": "OrgPolicy"
327 }, 353 },
328 "scopes": [ 354 "scopes": [
329 "https://www.googleapis.com/auth/cloud-platform", 355 "https://www.googleapis.com/auth/cloud-platform",
330 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 356 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
331 ] 357 ]
332 }, 358 },
333 "get": { 359 "undelete": {
334 "description": "Fetches an Organization resource identified by the specified resource name.", 360 "description": "Restores the Project identified by the speci fied\n`project_id` (for example, `my-project-123`).\nYou can only use this metho d for a Project that has a lifecycle state of\nDELETE_REQUESTED.\nAfter deletion starts, the Project cannot be restored.\n\nThe caller must have modify permissi ons for this Project.",
335 "httpMethod": "GET", 361 "httpMethod": "POST",
336 "id": "cloudresourcemanager.organizations.get", 362 "id": "cloudresourcemanager.projects.undelete",
337 "parameterOrder": [ 363 "parameterOrder": [
338 "name" 364 "projectId"
339 ], 365 ],
340 "parameters": { 366 "parameters": {
341 "name": { 367 "projectId": {
342 "description": "The resource name of the Organizatio n to fetch, e.g. \"organizations/1234\".", 368 "description": "The project ID (for example, `foo-ba r-123`).\n\nRequired.",
343 "location": "path", 369 "location": "path",
344 "pattern": "^organizations/[^/]+$",
345 "required": true, 370 "required": true,
346 "type": "string" 371 "type": "string"
347 } 372 }
348 }, 373 },
349 "path": "v1/{+name}", 374 "path": "v1/projects/{projectId}:undelete",
375 "request": {
376 "$ref": "UndeleteProjectRequest"
377 },
350 "response": { 378 "response": {
351 "$ref": "Organization" 379 "$ref": "Empty"
352 }, 380 },
353 "scopes": [ 381 "scopes": [
354 "https://www.googleapis.com/auth/cloud-platform", 382 "https://www.googleapis.com/auth/cloud-platform"
355 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
356 ] 383 ]
357 }, 384 },
358 "getEffectiveOrgPolicy": { 385 "getEffectiveOrgPolicy": {
359 "description": "Gets the effective `Policy` on a resource. T his is the result of merging\n`Policies` in the resource hierarchy. The returned `Policy` will not have\nan `etag`set because it is a computed `Policy` across m ultiple resources.", 386 "description": "Gets the effective `Policy` on a resource. T his is the result of merging\n`Policies` in the resource hierarchy. The returned `Policy` will not have\nan `etag`set because it is a computed `Policy` across m ultiple resources.",
360 "httpMethod": "POST", 387 "httpMethod": "POST",
361 "id": "cloudresourcemanager.organizations.getEffectiveOrgPol icy", 388 "id": "cloudresourcemanager.projects.getEffectiveOrgPolicy",
362 "parameterOrder": [ 389 "parameterOrder": [
363 "resource" 390 "resource"
364 ], 391 ],
365 "parameters": { 392 "parameters": {
366 "resource": { 393 "resource": {
367 "description": "The name of the resource to start co mputing the effective `Policy`.", 394 "description": "The name of the resource to start co mputing the effective `Policy`.",
368 "location": "path", 395 "location": "path",
369 "pattern": "^organizations/[^/]+$", 396 "pattern": "^projects/[^/]+$",
370 "required": true, 397 "required": true,
371 "type": "string" 398 "type": "string"
372 } 399 }
373 }, 400 },
374 "path": "v1/{+resource}:getEffectiveOrgPolicy", 401 "path": "v1/{+resource}:getEffectiveOrgPolicy",
375 "request": { 402 "request": {
376 "$ref": "GetEffectiveOrgPolicyRequest" 403 "$ref": "GetEffectiveOrgPolicyRequest"
377 }, 404 },
378 "response": { 405 "response": {
379 "$ref": "OrgPolicy" 406 "$ref": "OrgPolicy"
380 }, 407 },
381 "scopes": [ 408 "scopes": [
382 "https://www.googleapis.com/auth/cloud-platform", 409 "https://www.googleapis.com/auth/cloud-platform",
383 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 410 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
384 ] 411 ]
385 }, 412 },
386 "testIamPermissions": { 413 "update": {
387 "description": "Returns permissions that a caller has on the specified Organization.\nThe `resource` field should be the organization's reso urce name,\ne.g. \"organizations/123\".\n\nThere are no permissions required for making this API call.", 414 "description": "Updates the attributes of the Project identi fied by the specified\n`project_id` (for example, `my-project-123`).\n\nThe call er must have modify permissions for this Project.",
388 "httpMethod": "POST", 415 "httpMethod": "PUT",
389 "id": "cloudresourcemanager.organizations.testIamPermissions ", 416 "id": "cloudresourcemanager.projects.update",
390 "parameterOrder": [ 417 "parameterOrder": [
391 "resource" 418 "projectId"
392 ], 419 ],
393 "parameters": { 420 "parameters": {
394 "resource": { 421 "projectId": {
395 "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appr opriate value for this field.", 422 "description": "The project ID (for example, `my-pro ject-123`).\n\nRequired.",
396 "location": "path", 423 "location": "path",
397 "pattern": "^organizations/[^/]+$", 424 "required": true,
398 "required": true, 425 "type": "string"
399 "type": "string" 426 }
400 } 427 },
401 }, 428 "path": "v1/projects/{projectId}",
402 "path": "v1/{+resource}:testIamPermissions", 429 "request": {
403 "request": { 430 "$ref": "Project"
404 "$ref": "TestIamPermissionsRequest" 431 },
405 }, 432 "response": {
406 "response": { 433 "$ref": "Project"
407 "$ref": "TestIamPermissionsResponse" 434 },
408 }, 435 "scopes": [
409 "scopes": [ 436 "https://www.googleapis.com/auth/cloud-platform"
410 "https://www.googleapis.com/auth/cloud-platform", 437 ]
411 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 438 },
412 ]
413 }
414 }
415 },
416 "operations": {
417 "methods": {
418 "get": {
419 "description": "Gets the latest state of a long-running oper ation. Clients can use this\nmethod to poll the operation result at intervals a s recommended by the API\nservice.",
420 "httpMethod": "GET",
421 "id": "cloudresourcemanager.operations.get",
422 "parameterOrder": [
423 "name"
424 ],
425 "parameters": {
426 "name": {
427 "description": "The name of the operation resource." ,
428 "location": "path",
429 "pattern": "^operations/.+$",
430 "required": true,
431 "type": "string"
432 }
433 },
434 "path": "v1/{+name}",
435 "response": {
436 "$ref": "Operation"
437 },
438 "scopes": [
439 "https://www.googleapis.com/auth/cloud-platform",
440 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
441 ]
442 }
443 }
444 },
445 "liens": {
446 "methods": {
447 "delete": {
448 "description": "Delete a Lien by `name`.\n\nCallers of this method will require permission on the `parent` resource.\nFor example, a Lien wi th a `parent` of `projects/1234` requires permission\n`resourcemanager.projects. updateLiens`.",
449 "httpMethod": "DELETE",
450 "id": "cloudresourcemanager.liens.delete",
451 "parameterOrder": [
452 "name"
453 ],
454 "parameters": {
455 "name": {
456 "description": "The name/identifier of the Lien to d elete.",
457 "location": "path",
458 "pattern": "^liens/.+$",
459 "required": true,
460 "type": "string"
461 }
462 },
463 "path": "v1/{+name}",
464 "response": {
465 "$ref": "Empty"
466 },
467 "scopes": [
468 "https://www.googleapis.com/auth/cloud-platform",
469 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
470 ]
471 },
472 "list": {
473 "description": "List all Liens applied to the `parent` resou rce.\n\nCallers of this method will require permission on the `parent` resource. \nFor example, a Lien with a `parent` of `projects/1234` requires permission\n`r esourcemanager.projects.get`.",
474 "httpMethod": "GET",
475 "id": "cloudresourcemanager.liens.list",
476 "parameterOrder": [],
477 "parameters": {
478 "pageToken": {
479 "description": "The `next_page_token` value returned from a previous List request, if any.",
480 "location": "query",
481 "type": "string"
482 },
483 "pageSize": {
484 "description": "The maximum number of items to retur n. This is a suggestion for the server.",
485 "format": "int32",
486 "location": "query",
487 "type": "integer"
488 },
489 "parent": {
490 "description": "The name of the resource to list all attached Liens.\nFor example, `projects/1234`.",
491 "location": "query",
492 "type": "string"
493 }
494 },
495 "path": "v1/liens",
496 "response": {
497 "$ref": "ListLiensResponse"
498 },
499 "scopes": [
500 "https://www.googleapis.com/auth/cloud-platform",
501 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
502 ]
503 },
504 "create": {
505 "description": "Create a Lien which applies to the resource denoted by the `parent` field.\n\nCallers of this method will require permission on the `parent` resource.\nFor example, applying to `projects/1234` requires pe rmission\n`resourcemanager.projects.updateLiens`.\n\nNOTE: Some resources may li mit the number of Liens which may be applied.",
506 "httpMethod": "POST",
507 "id": "cloudresourcemanager.liens.create",
508 "parameterOrder": [],
509 "parameters": {},
510 "path": "v1/liens",
511 "request": {
512 "$ref": "Lien"
513 },
514 "response": {
515 "$ref": "Lien"
516 },
517 "scopes": [
518 "https://www.googleapis.com/auth/cloud-platform",
519 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
520 ]
521 }
522 }
523 },
524 "folders": {
525 "methods": {
526 "clearOrgPolicy": {
527 "description": "Clears a `Policy` from a resource.",
528 "httpMethod": "POST",
529 "id": "cloudresourcemanager.folders.clearOrgPolicy",
530 "parameterOrder": [
531 "resource"
532 ],
533 "parameters": {
534 "resource": {
535 "description": "Name of the resource for the `Policy ` to clear.",
536 "location": "path",
537 "pattern": "^folders/[^/]+$",
538 "required": true,
539 "type": "string"
540 }
541 },
542 "path": "v1/{+resource}:clearOrgPolicy",
543 "request": {
544 "$ref": "ClearOrgPolicyRequest"
545 },
546 "response": {
547 "$ref": "Empty"
548 },
549 "scopes": [
550 "https://www.googleapis.com/auth/cloud-platform"
551 ]
552 },
553 "setOrgPolicy": {
554 "description": "Updates the specified `Policy` on the resour ce. Creates a new `Policy` for\nthat `Constraint` on the resource if one does no t exist.\n\nNot supplying an `etag` on the request `Policy` results in an uncond itional\nwrite of the `Policy`.",
555 "httpMethod": "POST",
556 "id": "cloudresourcemanager.folders.setOrgPolicy",
557 "parameterOrder": [
558 "resource"
559 ],
560 "parameters": {
561 "resource": {
562 "description": "Resource name of the resource to att ach the `Policy`.",
563 "location": "path",
564 "pattern": "^folders/[^/]+$",
565 "required": true,
566 "type": "string"
567 }
568 },
569 "path": "v1/{+resource}:setOrgPolicy",
570 "request": {
571 "$ref": "SetOrgPolicyRequest"
572 },
573 "response": {
574 "$ref": "OrgPolicy"
575 },
576 "scopes": [
577 "https://www.googleapis.com/auth/cloud-platform"
578 ]
579 },
580 "listOrgPolicies": {
581 "description": "Lists all the `Policies` set for a particula r resource.",
582 "httpMethod": "POST",
583 "id": "cloudresourcemanager.folders.listOrgPolicies",
584 "parameterOrder": [
585 "resource"
586 ],
587 "parameters": {
588 "resource": {
589 "description": "Name of the resource to list Policie s for.",
590 "location": "path",
591 "pattern": "^folders/[^/]+$",
592 "required": true,
593 "type": "string"
594 }
595 },
596 "path": "v1/{+resource}:listOrgPolicies",
597 "request": {
598 "$ref": "ListOrgPoliciesRequest"
599 },
600 "response": {
601 "$ref": "ListOrgPoliciesResponse"
602 },
603 "scopes": [
604 "https://www.googleapis.com/auth/cloud-platform",
605 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
606 ]
607 },
608 "listAvailableOrgPolicyConstraints": {
609 "description": "Lists `Constraints` that could be applied on the specified resource.",
610 "httpMethod": "POST",
611 "id": "cloudresourcemanager.folders.listAvailableOrgPolicyCo nstraints",
612 "parameterOrder": [
613 "resource"
614 ],
615 "parameters": {
616 "resource": {
617 "description": "Name of the resource to list `Constr aints` for.",
618 "location": "path",
619 "pattern": "^folders/[^/]+$",
620 "required": true,
621 "type": "string"
622 }
623 },
624 "path": "v1/{+resource}:listAvailableOrgPolicyConstraints",
625 "request": {
626 "$ref": "ListAvailableOrgPolicyConstraintsRequest"
627 },
628 "response": {
629 "$ref": "ListAvailableOrgPolicyConstraintsResponse"
630 },
631 "scopes": [
632 "https://www.googleapis.com/auth/cloud-platform",
633 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
634 ]
635 },
636 "getOrgPolicy": {
637 "description": "Gets a `Policy` on a resource.\n\nIf no `Pol icy` is set on the resource, a `Policy` is returned with default\nvalues includi ng `POLICY_TYPE_NOT_SET` for the `policy_type oneof`. The\n`etag` value can be u sed with `SetOrgPolicy()` to create or update a\n`Policy` during read-modify-wri te.",
638 "httpMethod": "POST",
639 "id": "cloudresourcemanager.folders.getOrgPolicy",
640 "parameterOrder": [
641 "resource"
642 ],
643 "parameters": {
644 "resource": {
645 "description": "Name of the resource the `Policy` is set on.",
646 "location": "path",
647 "pattern": "^folders/[^/]+$",
648 "required": true,
649 "type": "string"
650 }
651 },
652 "path": "v1/{+resource}:getOrgPolicy",
653 "request": {
654 "$ref": "GetOrgPolicyRequest"
655 },
656 "response": {
657 "$ref": "OrgPolicy"
658 },
659 "scopes": [
660 "https://www.googleapis.com/auth/cloud-platform",
661 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
662 ]
663 },
664 "getEffectiveOrgPolicy": {
665 "description": "Gets the effective `Policy` on a resource. T his is the result of merging\n`Policies` in the resource hierarchy. The returned `Policy` will not have\nan `etag`set because it is a computed `Policy` across m ultiple resources.",
666 "httpMethod": "POST",
667 "id": "cloudresourcemanager.folders.getEffectiveOrgPolicy",
668 "parameterOrder": [
669 "resource"
670 ],
671 "parameters": {
672 "resource": {
673 "description": "The name of the resource to start co mputing the effective `Policy`.",
674 "location": "path",
675 "pattern": "^folders/[^/]+$",
676 "required": true,
677 "type": "string"
678 }
679 },
680 "path": "v1/{+resource}:getEffectiveOrgPolicy",
681 "request": {
682 "$ref": "GetEffectiveOrgPolicyRequest"
683 },
684 "response": {
685 "$ref": "OrgPolicy"
686 },
687 "scopes": [
688 "https://www.googleapis.com/auth/cloud-platform",
689 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
690 ]
691 }
692 }
693 },
694 "projects": {
695 "methods": {
696 "list": { 439 "list": {
697 "description": "Lists Projects that are visible to the user and satisfy the\nspecified filter. This method returns Projects in an unspecifie d order.\nNew Projects do not necessarily appear at the end of the list.", 440 "description": "Lists Projects that are visible to the user and satisfy the\nspecified filter. This method returns Projects in an unspecifie d order.\nNew Projects do not necessarily appear at the end of the list.",
698 "httpMethod": "GET", 441 "httpMethod": "GET",
699 "id": "cloudresourcemanager.projects.list", 442 "id": "cloudresourcemanager.projects.list",
700 "parameterOrder": [], 443 "parameterOrder": [],
701 "parameters": { 444 "parameters": {
702 "filter": {
703 "description": "An expression for filtering the resu lts of the request. Filter rules are\ncase insensitive. The fields eligible for filtering are:\n\n+ `name`\n+ `id`\n+ <code>labels.<em>key</em></code> where *k ey* is the name of a label\n\nSome examples of using labels as filters:\n\n|Filt er|Description|\n|------|-----------|\n|name:how*|The project's name starts with \"how\".|\n|name:Howl|The project's name is `Howl` or `howl`.|\n|name:HOWL|Equi valent to above.|\n|NAME:howl|Equivalent to above.|\n|labels.color:*|The project has the label `color`.|\n|labels.color:red|The project's label `color` has the value `red`.|\n|labels.color:red&nbsp;labels.size:big|The project's label `color ` has the value `red` and its label `size` has the value `big`.\n\nIf you specif y a filter that has both `parent.type` and `parent.id`, then\nthe `resourcemanag er.projects.list` permission is checked on the parent.\nIf the user has this per mission, all projects under the parent will be\nreturned after remaining filters have been applied. If the user lacks this\npermission, then all projects for wh ich the user has the\n`resourcemanager.projects.get` permission will be returned after remaining\nfilters have been applied. If no filter is specified, the call will return\nprojects for which the user has `resourcemanager.projects.get` per missions.\n\nOptional.",
704 "location": "query",
705 "type": "string"
706 },
707 "pageToken": {
708 "description": "A pagination token returned from a p revious call to ListProjects\nthat indicates from where listing should continue. \n\nOptional.",
709 "location": "query",
710 "type": "string"
711 },
712 "pageSize": { 445 "pageSize": {
713 "description": "The maximum number of Projects to re turn in the response.\nThe server can return fewer Projects than requested.\nIf unspecified, server picks an appropriate default.\n\nOptional.", 446 "description": "The maximum number of Projects to re turn in the response.\nThe server can return fewer Projects than requested.\nIf unspecified, server picks an appropriate default.\n\nOptional.",
714 "format": "int32", 447 "format": "int32",
715 "location": "query", 448 "location": "query",
716 "type": "integer" 449 "type": "integer"
450 },
451 "filter": {
452 "description": "An expression for filtering the resu lts of the request. Filter rules are\ncase insensitive. The fields eligible for filtering are:\n\n+ `name`\n+ `id`\n+ <code>labels.<em>key</em></code> where *k ey* is the name of a label\n\nSome examples of using labels as filters:\n\n|Filt er|Description|\n|------|-----------|\n|name:how*|The project's name starts with \"how\".|\n|name:Howl|The project's name is `Howl` or `howl`.|\n|name:HOWL|Equi valent to above.|\n|NAME:howl|Equivalent to above.|\n|labels.color:*|The project has the label `color`.|\n|labels.color:red|The project's label `color` has the value `red`.|\n|labels.color:red&nbsp;labels.size:big|The project's label `color ` has the value `red` and its label `size` has the value `big`.\n\nIf you specif y a filter that has both `parent.type` and `parent.id`, then\nthe `resourcemanag er.projects.list` permission is checked on the parent.\nIf the user has this per mission, all projects under the parent will be\nreturned after remaining filters have been applied. If the user lacks this\npermission, then all projects for wh ich the user has the\n`resourcemanager.projects.get` permission will be returned after remaining\nfilters have been applied. If no filter is specified, the call will return\nprojects for which the user has `resourcemanager.projects.get` per missions.\n\nOptional.",
453 "location": "query",
454 "type": "string"
455 },
456 "pageToken": {
457 "description": "A pagination token returned from a p revious call to ListProjects\nthat indicates from where listing should continue. \n\nOptional.",
458 "location": "query",
459 "type": "string"
717 } 460 }
718 }, 461 },
719 "path": "v1/projects", 462 "path": "v1/projects",
720 "response": { 463 "response": {
721 "$ref": "ListProjectsResponse" 464 "$ref": "ListProjectsResponse"
722 }, 465 },
723 "scopes": [ 466 "scopes": [
724 "https://www.googleapis.com/auth/cloud-platform", 467 "https://www.googleapis.com/auth/cloud-platform",
725 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 468 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
726 ] 469 ]
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
769 "https://www.googleapis.com/auth/cloud-platform" 512 "https://www.googleapis.com/auth/cloud-platform"
770 ] 513 ]
771 }, 514 },
772 "listOrgPolicies": { 515 "listOrgPolicies": {
773 "description": "Lists all the `Policies` set for a particula r resource.", 516 "description": "Lists all the `Policies` set for a particula r resource.",
774 "httpMethod": "POST", 517 "httpMethod": "POST",
775 "id": "cloudresourcemanager.projects.listOrgPolicies", 518 "id": "cloudresourcemanager.projects.listOrgPolicies",
776 "parameterOrder": [ 519 "parameterOrder": [
777 "resource" 520 "resource"
778 ], 521 ],
522 "parameters": {
523 "resource": {
524 "description": "Name of the resource to list Policie s for.",
525 "location": "path",
526 "pattern": "^projects/[^/]+$",
527 "required": true,
528 "type": "string"
529 }
530 },
531 "path": "v1/{+resource}:listOrgPolicies",
532 "request": {
533 "$ref": "ListOrgPoliciesRequest"
534 },
535 "response": {
536 "$ref": "ListOrgPoliciesResponse"
537 },
538 "scopes": [
539 "https://www.googleapis.com/auth/cloud-platform",
540 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
541 ]
542 }
543 }
544 },
545 "organizations": {
546 "methods": {
547 "search": {
548 "description": "Searches Organization resources that are vis ible to the user and satisfy\nthe specified filter. This method returns Organiza tions in an unspecified\norder. New Organizations do not necessarily appear at t he end of the\nresults.\n\nSearch will only return organizations on which the us er has the permission\n`resourcemanager.organizations.get`",
549 "httpMethod": "POST",
550 "id": "cloudresourcemanager.organizations.search",
551 "parameterOrder": [],
552 "parameters": {},
553 "path": "v1/organizations:search",
554 "request": {
555 "$ref": "SearchOrganizationsRequest"
556 },
557 "response": {
558 "$ref": "SearchOrganizationsResponse"
559 },
560 "scopes": [
561 "https://www.googleapis.com/auth/cloud-platform",
562 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
563 ]
564 },
565 "getOrgPolicy": {
566 "description": "Gets a `Policy` on a resource.\n\nIf no `Pol icy` is set on the resource, a `Policy` is returned with default\nvalues includi ng `POLICY_TYPE_NOT_SET` for the `policy_type oneof`. The\n`etag` value can be u sed with `SetOrgPolicy()` to create or update a\n`Policy` during read-modify-wri te.",
567 "httpMethod": "POST",
568 "id": "cloudresourcemanager.organizations.getOrgPolicy",
569 "parameterOrder": [
570 "resource"
571 ],
572 "parameters": {
573 "resource": {
574 "description": "Name of the resource the `Policy` is set on.",
575 "location": "path",
576 "pattern": "^organizations/[^/]+$",
577 "required": true,
578 "type": "string"
579 }
580 },
581 "path": "v1/{+resource}:getOrgPolicy",
582 "request": {
583 "$ref": "GetOrgPolicyRequest"
584 },
585 "response": {
586 "$ref": "OrgPolicy"
587 },
588 "scopes": [
589 "https://www.googleapis.com/auth/cloud-platform",
590 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
591 ]
592 },
593 "get": {
594 "description": "Fetches an Organization resource identified by the specified resource name.",
595 "httpMethod": "GET",
596 "id": "cloudresourcemanager.organizations.get",
597 "parameterOrder": [
598 "name"
599 ],
600 "parameters": {
601 "name": {
602 "description": "The resource name of the Organizatio n to fetch, e.g. \"organizations/1234\".",
603 "location": "path",
604 "pattern": "^organizations/[^/]+$",
605 "required": true,
606 "type": "string"
607 }
608 },
609 "path": "v1/{+name}",
610 "response": {
611 "$ref": "Organization"
612 },
613 "scopes": [
614 "https://www.googleapis.com/auth/cloud-platform",
615 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
616 ]
617 },
618 "getEffectiveOrgPolicy": {
619 "description": "Gets the effective `Policy` on a resource. T his is the result of merging\n`Policies` in the resource hierarchy. The returned `Policy` will not have\nan `etag`set because it is a computed `Policy` across m ultiple resources.",
620 "httpMethod": "POST",
621 "id": "cloudresourcemanager.organizations.getEffectiveOrgPol icy",
622 "parameterOrder": [
623 "resource"
624 ],
625 "parameters": {
626 "resource": {
627 "description": "The name of the resource to start co mputing the effective `Policy`.",
628 "location": "path",
629 "pattern": "^organizations/[^/]+$",
630 "required": true,
631 "type": "string"
632 }
633 },
634 "path": "v1/{+resource}:getEffectiveOrgPolicy",
635 "request": {
636 "$ref": "GetEffectiveOrgPolicyRequest"
637 },
638 "response": {
639 "$ref": "OrgPolicy"
640 },
641 "scopes": [
642 "https://www.googleapis.com/auth/cloud-platform",
643 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
644 ]
645 },
646 "testIamPermissions": {
647 "description": "Returns permissions that a caller has on the specified Organization.\nThe `resource` field should be the organization's reso urce name,\ne.g. \"organizations/123\".\n\nThere are no permissions required for making this API call.",
648 "httpMethod": "POST",
649 "id": "cloudresourcemanager.organizations.testIamPermissions ",
650 "parameterOrder": [
651 "resource"
652 ],
653 "parameters": {
654 "resource": {
655 "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appr opriate value for this field.",
656 "location": "path",
657 "pattern": "^organizations/[^/]+$",
658 "required": true,
659 "type": "string"
660 }
661 },
662 "path": "v1/{+resource}:testIamPermissions",
663 "request": {
664 "$ref": "TestIamPermissionsRequest"
665 },
666 "response": {
667 "$ref": "TestIamPermissionsResponse"
668 },
669 "scopes": [
670 "https://www.googleapis.com/auth/cloud-platform",
671 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
672 ]
673 },
674 "clearOrgPolicy": {
675 "description": "Clears a `Policy` from a resource.",
676 "httpMethod": "POST",
677 "id": "cloudresourcemanager.organizations.clearOrgPolicy",
678 "parameterOrder": [
679 "resource"
680 ],
681 "parameters": {
682 "resource": {
683 "description": "Name of the resource for the `Policy ` to clear.",
684 "location": "path",
685 "pattern": "^organizations/[^/]+$",
686 "required": true,
687 "type": "string"
688 }
689 },
690 "path": "v1/{+resource}:clearOrgPolicy",
691 "request": {
692 "$ref": "ClearOrgPolicyRequest"
693 },
694 "response": {
695 "$ref": "Empty"
696 },
697 "scopes": [
698 "https://www.googleapis.com/auth/cloud-platform"
699 ]
700 },
701 "setOrgPolicy": {
702 "description": "Updates the specified `Policy` on the resour ce. Creates a new `Policy` for\nthat `Constraint` on the resource if one does no t exist.\n\nNot supplying an `etag` on the request `Policy` results in an uncond itional\nwrite of the `Policy`.",
703 "httpMethod": "POST",
704 "id": "cloudresourcemanager.organizations.setOrgPolicy",
705 "parameterOrder": [
706 "resource"
707 ],
708 "parameters": {
709 "resource": {
710 "description": "Resource name of the resource to att ach the `Policy`.",
711 "location": "path",
712 "pattern": "^organizations/[^/]+$",
713 "required": true,
714 "type": "string"
715 }
716 },
717 "path": "v1/{+resource}:setOrgPolicy",
718 "request": {
719 "$ref": "SetOrgPolicyRequest"
720 },
721 "response": {
722 "$ref": "OrgPolicy"
723 },
724 "scopes": [
725 "https://www.googleapis.com/auth/cloud-platform"
726 ]
727 },
728 "setIamPolicy": {
729 "description": "Sets the access control policy on an Organiz ation resource. Replaces any\nexisting policy. The `resource` field should be th e organization's resource\nname, e.g. \"organizations/123\".\n\nAuthorization re quires the Google IAM permission\n`resourcemanager.organizations.setIamPolicy` o n the specified organization",
730 "httpMethod": "POST",
731 "id": "cloudresourcemanager.organizations.setIamPolicy",
732 "parameterOrder": [
733 "resource"
734 ],
735 "parameters": {
736 "resource": {
737 "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
738 "location": "path",
739 "pattern": "^organizations/[^/]+$",
740 "required": true,
741 "type": "string"
742 }
743 },
744 "path": "v1/{+resource}:setIamPolicy",
745 "request": {
746 "$ref": "SetIamPolicyRequest"
747 },
748 "response": {
749 "$ref": "Policy"
750 },
751 "scopes": [
752 "https://www.googleapis.com/auth/cloud-platform"
753 ]
754 },
755 "listAvailableOrgPolicyConstraints": {
756 "description": "Lists `Constraints` that could be applied on the specified resource.",
757 "httpMethod": "POST",
758 "id": "cloudresourcemanager.organizations.listAvailableOrgPo licyConstraints",
759 "parameterOrder": [
760 "resource"
761 ],
762 "parameters": {
763 "resource": {
764 "description": "Name of the resource to list `Constr aints` for.",
765 "location": "path",
766 "pattern": "^organizations/[^/]+$",
767 "required": true,
768 "type": "string"
769 }
770 },
771 "path": "v1/{+resource}:listAvailableOrgPolicyConstraints",
772 "request": {
773 "$ref": "ListAvailableOrgPolicyConstraintsRequest"
774 },
775 "response": {
776 "$ref": "ListAvailableOrgPolicyConstraintsResponse"
777 },
778 "scopes": [
779 "https://www.googleapis.com/auth/cloud-platform",
780 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
781 ]
782 },
783 "listOrgPolicies": {
784 "description": "Lists all the `Policies` set for a particula r resource.",
785 "httpMethod": "POST",
786 "id": "cloudresourcemanager.organizations.listOrgPolicies",
787 "parameterOrder": [
788 "resource"
789 ],
779 "parameters": { 790 "parameters": {
780 "resource": { 791 "resource": {
781 "description": "Name of the resource to list Policie s for.", 792 "description": "Name of the resource to list Policie s for.",
782 "location": "path", 793 "location": "path",
783 "pattern": "^projects/[^/]+$", 794 "pattern": "^organizations/[^/]+$",
784 "required": true, 795 "required": true,
785 "type": "string" 796 "type": "string"
786 } 797 }
787 }, 798 },
788 "path": "v1/{+resource}:listOrgPolicies", 799 "path": "v1/{+resource}:listOrgPolicies",
789 "request": { 800 "request": {
790 "$ref": "ListOrgPoliciesRequest" 801 "$ref": "ListOrgPoliciesRequest"
791 }, 802 },
792 "response": { 803 "response": {
793 "$ref": "ListOrgPoliciesResponse" 804 "$ref": "ListOrgPoliciesResponse"
794 }, 805 },
795 "scopes": [ 806 "scopes": [
796 "https://www.googleapis.com/auth/cloud-platform", 807 "https://www.googleapis.com/auth/cloud-platform",
797 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 808 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
798 ] 809 ]
799 }, 810 },
800 "get": { 811 "getIamPolicy": {
801 "description": "Retrieves the Project identified by the spec ified\n`project_id` (for example, `my-project-123`).\n\nThe caller must have rea d permissions for this Project.", 812 "description": "Gets the access control policy for an Organi zation resource. May be empty\nif no such policy or resource exists. The `resour ce` field should be the\norganization's resource name, e.g. \"organizations/123\ ".\n\nAuthorization requires the Google IAM permission\n`resourcemanager.organiz ations.getIamPolicy` on the specified organization",
802 "httpMethod": "GET", 813 "httpMethod": "POST",
803 "id": "cloudresourcemanager.projects.get", 814 "id": "cloudresourcemanager.organizations.getIamPolicy",
804 "parameterOrder": [ 815 "parameterOrder": [
805 "projectId" 816 "resource"
806 ], 817 ],
807 "parameters": { 818 "parameters": {
808 "projectId": { 819 "resource": {
809 "description": "The Project ID (for example, `my-pro ject-123`).\n\nRequired.", 820 "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
810 "location": "path", 821 "location": "path",
822 "pattern": "^organizations/[^/]+$",
811 "required": true, 823 "required": true,
812 "type": "string" 824 "type": "string"
813 } 825 }
814 }, 826 },
815 "path": "v1/projects/{projectId}", 827 "path": "v1/{+resource}:getIamPolicy",
828 "request": {
829 "$ref": "GetIamPolicyRequest"
830 },
816 "response": { 831 "response": {
817 "$ref": "Project" 832 "$ref": "Policy"
833 },
834 "scopes": [
835 "https://www.googleapis.com/auth/cloud-platform",
836 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
837 ]
838 }
839 }
840 },
841 "operations": {
842 "methods": {
843 "get": {
844 "description": "Gets the latest state of a long-running oper ation. Clients can use this\nmethod to poll the operation result at intervals a s recommended by the API\nservice.",
845 "httpMethod": "GET",
846 "id": "cloudresourcemanager.operations.get",
847 "parameterOrder": [
848 "name"
849 ],
850 "parameters": {
851 "name": {
852 "description": "The name of the operation resource." ,
853 "location": "path",
854 "pattern": "^operations/.+$",
855 "required": true,
856 "type": "string"
857 }
858 },
859 "path": "v1/{+name}",
860 "response": {
861 "$ref": "Operation"
862 },
863 "scopes": [
864 "https://www.googleapis.com/auth/cloud-platform",
865 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
866 ]
867 }
868 }
869 },
870 "liens": {
871 "methods": {
872 "list": {
873 "description": "List all Liens applied to the `parent` resou rce.\n\nCallers of this method will require permission on the `parent` resource. \nFor example, a Lien with a `parent` of `projects/1234` requires permission\n`r esourcemanager.projects.get`.",
874 "httpMethod": "GET",
875 "id": "cloudresourcemanager.liens.list",
876 "parameterOrder": [],
877 "parameters": {
878 "pageToken": {
879 "description": "The `next_page_token` value returned from a previous List request, if any.",
880 "location": "query",
881 "type": "string"
882 },
883 "pageSize": {
884 "description": "The maximum number of items to retur n. This is a suggestion for the server.",
885 "format": "int32",
886 "location": "query",
887 "type": "integer"
888 },
889 "parent": {
890 "description": "The name of the resource to list all attached Liens.\nFor example, `projects/1234`.",
891 "location": "query",
892 "type": "string"
893 }
894 },
895 "path": "v1/liens",
896 "response": {
897 "$ref": "ListLiensResponse"
818 }, 898 },
819 "scopes": [ 899 "scopes": [
820 "https://www.googleapis.com/auth/cloud-platform", 900 "https://www.googleapis.com/auth/cloud-platform",
821 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 901 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
822 ] 902 ]
823 }, 903 },
824 "getAncestry": { 904 "create": {
825 "description": "Gets a list of ancestors in the resource hie rarchy for the Project\nidentified by the specified `project_id` (for example, ` my-project-123`).\n\nThe caller must have read permissions for this Project.", 905 "description": "Create a Lien which applies to the resource denoted by the `parent` field.\n\nCallers of this method will require permission on the `parent` resource.\nFor example, applying to `projects/1234` requires pe rmission\n`resourcemanager.projects.updateLiens`.\n\nNOTE: Some resources may li mit the number of Liens which may be applied.",
826 "httpMethod": "POST", 906 "httpMethod": "POST",
827 "id": "cloudresourcemanager.projects.getAncestry", 907 "id": "cloudresourcemanager.liens.create",
828 "parameterOrder": [ 908 "parameterOrder": [],
829 "projectId" 909 "parameters": {},
830 ], 910 "path": "v1/liens",
831 "parameters": {
832 "projectId": {
833 "description": "The Project ID (for example, `my-pro ject-123`).\n\nRequired.",
834 "location": "path",
835 "required": true,
836 "type": "string"
837 }
838 },
839 "path": "v1/projects/{projectId}:getAncestry",
840 "request": { 911 "request": {
841 "$ref": "GetAncestryRequest" 912 "$ref": "Lien"
842 }, 913 },
843 "response": { 914 "response": {
844 "$ref": "GetAncestryResponse" 915 "$ref": "Lien"
845 }, 916 },
846 "scopes": [ 917 "scopes": [
847 "https://www.googleapis.com/auth/cloud-platform", 918 "https://www.googleapis.com/auth/cloud-platform",
848 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
849 ]
850 },
851 "testIamPermissions": {
852 "description": "Returns permissions that a caller has on the specified Project.\n\nThere are no permissions required for making this API cal l.",
853 "httpMethod": "POST",
854 "id": "cloudresourcemanager.projects.testIamPermissions",
855 "parameterOrder": [
856 "resource"
857 ],
858 "parameters": {
859 "resource": {
860 "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appr opriate value for this field.",
861 "location": "path",
862 "required": true,
863 "type": "string"
864 }
865 },
866 "path": "v1/projects/{resource}:testIamPermissions",
867 "request": {
868 "$ref": "TestIamPermissionsRequest"
869 },
870 "response": {
871 "$ref": "TestIamPermissionsResponse"
872 },
873 "scopes": [
874 "https://www.googleapis.com/auth/cloud-platform",
875 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 919 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
876 ] 920 ]
877 }, 921 },
878 "delete": { 922 "delete": {
879 "description": "Marks the Project identified by the specifie d\n`project_id` (for example, `my-project-123`) for deletion.\nThis method will only affect the Project if the following criteria are met:\n\n+ The Project does not have a billing account associated with it.\n+ The Project has a lifecycle s tate of\nACTIVE.\n\nThis method changes the Project's lifecycle state from\nACTI VE\nto DELETE_REQUESTED.\nThe deletion starts at an unspecified time,\nat which point the Project is no longer accessible.\n\nUntil the deletion completes, you can check the lifecycle state\nchecked by retrieving the Project with GetProject ,\nand the Project remains visible to ListProjects.\nHowever, you cannot update the project.\n\nAfter the deletion completes, the Project is not retrievable by\ nthe GetProject and\nListProjects methods.\n\nThe caller must have modify permi ssions for this Project.", 923 "description": "Delete a Lien by `name`.\n\nCallers of this method will require permission on the `parent` resource.\nFor example, a Lien wi th a `parent` of `projects/1234` requires permission\n`resourcemanager.projects. updateLiens`.",
880 "httpMethod": "DELETE", 924 "httpMethod": "DELETE",
881 "id": "cloudresourcemanager.projects.delete", 925 "id": "cloudresourcemanager.liens.delete",
882 "parameterOrder": [ 926 "parameterOrder": [
883 "projectId" 927 "name"
884 ], 928 ],
885 "parameters": { 929 "parameters": {
886 "projectId": { 930 "name": {
887 "description": "The Project ID (for example, `foo-ba r-123`).\n\nRequired.", 931 "description": "The name/identifier of the Lien to d elete.",
888 "location": "path", 932 "location": "path",
933 "pattern": "^liens/.+$",
889 "required": true, 934 "required": true,
890 "type": "string" 935 "type": "string"
891 } 936 }
892 }, 937 },
893 "path": "v1/projects/{projectId}", 938 "path": "v1/{+name}",
894 "response": { 939 "response": {
895 "$ref": "Empty" 940 "$ref": "Empty"
896 }, 941 },
897 "scopes": [ 942 "scopes": [
898 "https://www.googleapis.com/auth/cloud-platform" 943 "https://www.googleapis.com/auth/cloud-platform",
944 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
899 ] 945 ]
900 }, 946 }
901 "clearOrgPolicy": { 947 }
902 "description": "Clears a `Policy` from a resource.", 948 },
949 "folders": {
950 "methods": {
951 "listOrgPolicies": {
952 "description": "Lists all the `Policies` set for a particula r resource.",
903 "httpMethod": "POST", 953 "httpMethod": "POST",
904 "id": "cloudresourcemanager.projects.clearOrgPolicy", 954 "id": "cloudresourcemanager.folders.listOrgPolicies",
905 "parameterOrder": [ 955 "parameterOrder": [
906 "resource" 956 "resource"
907 ], 957 ],
908 "parameters": { 958 "parameters": {
909 "resource": { 959 "resource": {
910 "description": "Name of the resource for the `Policy ` to clear.", 960 "description": "Name of the resource to list Policie s for.",
911 "location": "path", 961 "location": "path",
912 "pattern": "^projects/[^/]+$", 962 "pattern": "^folders/[^/]+$",
913 "required": true, 963 "required": true,
914 "type": "string" 964 "type": "string"
915 } 965 }
916 }, 966 },
917 "path": "v1/{+resource}:clearOrgPolicy", 967 "path": "v1/{+resource}:listOrgPolicies",
918 "request": { 968 "request": {
919 "$ref": "ClearOrgPolicyRequest" 969 "$ref": "ListOrgPoliciesRequest"
920 }, 970 },
921 "response": { 971 "response": {
922 "$ref": "Empty" 972 "$ref": "ListOrgPoliciesResponse"
923 }, 973 },
924 "scopes": [ 974 "scopes": [
925 "https://www.googleapis.com/auth/cloud-platform" 975 "https://www.googleapis.com/auth/cloud-platform",
926 ] 976 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
927 },
928 "setIamPolicy": {
929 "description": "Sets the IAM access control policy for the s pecified Project. Replaces\nany existing policy.\n\nThe following constraints ap ply when using `setIamPolicy()`:\n\n+ Project does not support `allUsers` and `a llAuthenticatedUsers` as\n`members` in a `Binding` of a `Policy`.\n\n+ The owner role can be granted only to `user` and `serviceAccount`.\n\n+ Service accounts can be made owners of a project directly\nwithout any restrictions. However, to be added as an owner, a user must be\ninvited via Cloud Platform console and mus t accept the invitation.\n\n+ A user cannot be granted the owner role using `set IamPolicy()`. The user\nmust be granted the owner role using the Cloud Platform Console and must\nexplicitly accept the invitation.\n\n+ Invitations to grant th e owner role cannot be sent using\n`setIamPolicy()`;\nthey must be sent only usi ng the Cloud Platform Console.\n\n+ Membership changes that leave the project wi thout any owners that have\naccepted the Terms of Service (ToS) will be rejected .\n\n+ If the project is not part of an organization, there must be at least\non e owner who has accepted the Terms of Service (ToS) agreement in the\npolicy. Ca lling `setIamPolicy()` to remove the last ToS-accepted owner\nfrom the policy wi ll fail. This restriction also applies to legacy\nprojects that no longer have o wners who have accepted the ToS. Edits to\nIAM policies will be rejected until t he lack of a ToS-accepting owner is\nrectified.\n\n+ Calling this method require s enabling the App Engine Admin API.\n\nNote: Removing service accounts from pol icies or changing their roles\ncan render services completely inoperable. It is important to understand\nhow the service account is being used before removing o r updating its\nroles.\n\nAuthorization requires the Google IAM permission\n`res ourcemanager.projects.setIamPolicy` on the project",
930 "httpMethod": "POST",
931 "id": "cloudresourcemanager.projects.setIamPolicy",
932 "parameterOrder": [
933 "resource"
934 ],
935 "parameters": {
936 "resource": {
937 "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
938 "location": "path",
939 "required": true,
940 "type": "string"
941 }
942 },
943 "path": "v1/projects/{resource}:setIamPolicy",
944 "request": {
945 "$ref": "SetIamPolicyRequest"
946 },
947 "response": {
948 "$ref": "Policy"
949 },
950 "scopes": [
951 "https://www.googleapis.com/auth/cloud-platform"
952 ] 977 ]
953 }, 978 },
954 "listAvailableOrgPolicyConstraints": { 979 "listAvailableOrgPolicyConstraints": {
955 "description": "Lists `Constraints` that could be applied on the specified resource.", 980 "description": "Lists `Constraints` that could be applied on the specified resource.",
956 "httpMethod": "POST", 981 "httpMethod": "POST",
957 "id": "cloudresourcemanager.projects.listAvailableOrgPolicyC onstraints", 982 "id": "cloudresourcemanager.folders.listAvailableOrgPolicyCo nstraints",
958 "parameterOrder": [ 983 "parameterOrder": [
959 "resource" 984 "resource"
960 ], 985 ],
961 "parameters": { 986 "parameters": {
962 "resource": { 987 "resource": {
963 "description": "Name of the resource to list `Constr aints` for.", 988 "description": "Name of the resource to list `Constr aints` for.",
964 "location": "path", 989 "location": "path",
965 "pattern": "^projects/[^/]+$", 990 "pattern": "^folders/[^/]+$",
966 "required": true, 991 "required": true,
967 "type": "string" 992 "type": "string"
968 } 993 }
969 }, 994 },
970 "path": "v1/{+resource}:listAvailableOrgPolicyConstraints", 995 "path": "v1/{+resource}:listAvailableOrgPolicyConstraints",
971 "request": { 996 "request": {
972 "$ref": "ListAvailableOrgPolicyConstraintsRequest" 997 "$ref": "ListAvailableOrgPolicyConstraintsRequest"
973 }, 998 },
974 "response": { 999 "response": {
975 "$ref": "ListAvailableOrgPolicyConstraintsResponse" 1000 "$ref": "ListAvailableOrgPolicyConstraintsResponse"
976 }, 1001 },
977 "scopes": [ 1002 "scopes": [
978 "https://www.googleapis.com/auth/cloud-platform", 1003 "https://www.googleapis.com/auth/cloud-platform",
979 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 1004 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
980 ] 1005 ]
981 }, 1006 },
982 "getIamPolicy": { 1007 "getOrgPolicy": {
983 "description": "Returns the IAM access control policy for th e specified Project.\nPermission is denied if the policy or the resource does no t exist.\n\nAuthorization requires the Google IAM permission\n`resourcemanager.p rojects.getIamPolicy` on the project", 1008 "description": "Gets a `Policy` on a resource.\n\nIf no `Pol icy` is set on the resource, a `Policy` is returned with default\nvalues includi ng `POLICY_TYPE_NOT_SET` for the `policy_type oneof`. The\n`etag` value can be u sed with `SetOrgPolicy()` to create or update a\n`Policy` during read-modify-wri te.",
984 "httpMethod": "POST", 1009 "httpMethod": "POST",
985 "id": "cloudresourcemanager.projects.getIamPolicy", 1010 "id": "cloudresourcemanager.folders.getOrgPolicy",
986 "parameterOrder": [ 1011 "parameterOrder": [
987 "resource" 1012 "resource"
988 ], 1013 ],
989 "parameters": {
990 "resource": {
991 "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
992 "location": "path",
993 "required": true,
994 "type": "string"
995 }
996 },
997 "path": "v1/projects/{resource}:getIamPolicy",
998 "request": {
999 "$ref": "GetIamPolicyRequest"
1000 },
1001 "response": {
1002 "$ref": "Policy"
1003 },
1004 "scopes": [
1005 "https://www.googleapis.com/auth/cloud-platform",
1006 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
1007 ]
1008 },
1009 "getOrgPolicy": {
1010 "description": "Gets a `Policy` on a resource.\n\nIf no `Pol icy` is set on the resource, a `Policy` is returned with default\nvalues includi ng `POLICY_TYPE_NOT_SET` for the `policy_type oneof`. The\n`etag` value can be u sed with `SetOrgPolicy()` to create or update a\n`Policy` during read-modify-wri te.",
1011 "httpMethod": "POST",
1012 "id": "cloudresourcemanager.projects.getOrgPolicy",
1013 "parameterOrder": [
1014 "resource"
1015 ],
1016 "parameters": { 1014 "parameters": {
1017 "resource": { 1015 "resource": {
1018 "description": "Name of the resource the `Policy` is set on.", 1016 "description": "Name of the resource the `Policy` is set on.",
1019 "location": "path", 1017 "location": "path",
1020 "pattern": "^projects/[^/]+$", 1018 "pattern": "^folders/[^/]+$",
1021 "required": true, 1019 "required": true,
1022 "type": "string" 1020 "type": "string"
1023 } 1021 }
1024 }, 1022 },
1025 "path": "v1/{+resource}:getOrgPolicy", 1023 "path": "v1/{+resource}:getOrgPolicy",
1026 "request": { 1024 "request": {
1027 "$ref": "GetOrgPolicyRequest" 1025 "$ref": "GetOrgPolicyRequest"
1028 }, 1026 },
1029 "response": { 1027 "response": {
1030 "$ref": "OrgPolicy" 1028 "$ref": "OrgPolicy"
1031 }, 1029 },
1032 "scopes": [ 1030 "scopes": [
1033 "https://www.googleapis.com/auth/cloud-platform", 1031 "https://www.googleapis.com/auth/cloud-platform",
1034 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 1032 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
1035 ] 1033 ]
1036 }, 1034 },
1037 "getEffectiveOrgPolicy": { 1035 "getEffectiveOrgPolicy": {
1038 "description": "Gets the effective `Policy` on a resource. T his is the result of merging\n`Policies` in the resource hierarchy. The returned `Policy` will not have\nan `etag`set because it is a computed `Policy` across m ultiple resources.", 1036 "description": "Gets the effective `Policy` on a resource. T his is the result of merging\n`Policies` in the resource hierarchy. The returned `Policy` will not have\nan `etag`set because it is a computed `Policy` across m ultiple resources.",
1039 "httpMethod": "POST", 1037 "httpMethod": "POST",
1040 "id": "cloudresourcemanager.projects.getEffectiveOrgPolicy", 1038 "id": "cloudresourcemanager.folders.getEffectiveOrgPolicy",
1041 "parameterOrder": [ 1039 "parameterOrder": [
1042 "resource" 1040 "resource"
1043 ], 1041 ],
1044 "parameters": { 1042 "parameters": {
1045 "resource": { 1043 "resource": {
1046 "description": "The name of the resource to start co mputing the effective `Policy`.", 1044 "description": "The name of the resource to start co mputing the effective `Policy`.",
1047 "location": "path", 1045 "location": "path",
1048 "pattern": "^projects/[^/]+$", 1046 "pattern": "^folders/[^/]+$",
1049 "required": true, 1047 "required": true,
1050 "type": "string" 1048 "type": "string"
1051 } 1049 }
1052 }, 1050 },
1053 "path": "v1/{+resource}:getEffectiveOrgPolicy", 1051 "path": "v1/{+resource}:getEffectiveOrgPolicy",
1054 "request": { 1052 "request": {
1055 "$ref": "GetEffectiveOrgPolicyRequest" 1053 "$ref": "GetEffectiveOrgPolicyRequest"
1056 }, 1054 },
1057 "response": { 1055 "response": {
1058 "$ref": "OrgPolicy" 1056 "$ref": "OrgPolicy"
1059 }, 1057 },
1060 "scopes": [ 1058 "scopes": [
1061 "https://www.googleapis.com/auth/cloud-platform", 1059 "https://www.googleapis.com/auth/cloud-platform",
1062 "https://www.googleapis.com/auth/cloud-platform.read-onl y" 1060 "https://www.googleapis.com/auth/cloud-platform.read-onl y"
1063 ] 1061 ]
1064 }, 1062 },
1065 "undelete": { 1063 "clearOrgPolicy": {
1066 "description": "Restores the Project identified by the speci fied\n`project_id` (for example, `my-project-123`).\nYou can only use this metho d for a Project that has a lifecycle state of\nDELETE_REQUESTED.\nAfter deletion starts, the Project cannot be restored.\n\nThe caller must have modify permissi ons for this Project.", 1064 "description": "Clears a `Policy` from a resource.",
1067 "httpMethod": "POST", 1065 "httpMethod": "POST",
1068 "id": "cloudresourcemanager.projects.undelete", 1066 "id": "cloudresourcemanager.folders.clearOrgPolicy",
1069 "parameterOrder": [ 1067 "parameterOrder": [
1070 "projectId" 1068 "resource"
1071 ], 1069 ],
1072 "parameters": { 1070 "parameters": {
1073 "projectId": { 1071 "resource": {
1074 "description": "The project ID (for example, `foo-ba r-123`).\n\nRequired.", 1072 "description": "Name of the resource for the `Policy ` to clear.",
1075 "location": "path", 1073 "location": "path",
1074 "pattern": "^folders/[^/]+$",
1076 "required": true, 1075 "required": true,
1077 "type": "string" 1076 "type": "string"
1078 } 1077 }
1079 }, 1078 },
1080 "path": "v1/projects/{projectId}:undelete", 1079 "path": "v1/{+resource}:clearOrgPolicy",
1081 "request": { 1080 "request": {
1082 "$ref": "UndeleteProjectRequest" 1081 "$ref": "ClearOrgPolicyRequest"
1083 }, 1082 },
1084 "response": { 1083 "response": {
1085 "$ref": "Empty" 1084 "$ref": "Empty"
1086 }, 1085 },
1087 "scopes": [ 1086 "scopes": [
1088 "https://www.googleapis.com/auth/cloud-platform" 1087 "https://www.googleapis.com/auth/cloud-platform"
1089 ] 1088 ]
1090 }, 1089 },
1091 "update": { 1090 "setOrgPolicy": {
1092 "description": "Updates the attributes of the Project identi fied by the specified\n`project_id` (for example, `my-project-123`).\n\nThe call er must have modify permissions for this Project.", 1091 "description": "Updates the specified `Policy` on the resour ce. Creates a new `Policy` for\nthat `Constraint` on the resource if one does no t exist.\n\nNot supplying an `etag` on the request `Policy` results in an uncond itional\nwrite of the `Policy`.",
1093 "httpMethod": "PUT", 1092 "httpMethod": "POST",
1094 "id": "cloudresourcemanager.projects.update", 1093 "id": "cloudresourcemanager.folders.setOrgPolicy",
1095 "parameterOrder": [ 1094 "parameterOrder": [
1096 "projectId" 1095 "resource"
1097 ], 1096 ],
1098 "parameters": { 1097 "parameters": {
1099 "projectId": { 1098 "resource": {
1100 "description": "The project ID (for example, `my-pro ject-123`).\n\nRequired.", 1099 "description": "Resource name of the resource to att ach the `Policy`.",
1101 "location": "path", 1100 "location": "path",
1101 "pattern": "^folders/[^/]+$",
1102 "required": true, 1102 "required": true,
1103 "type": "string" 1103 "type": "string"
1104 } 1104 }
1105 }, 1105 },
1106 "path": "v1/projects/{projectId}", 1106 "path": "v1/{+resource}:setOrgPolicy",
1107 "request": { 1107 "request": {
1108 "$ref": "Project" 1108 "$ref": "SetOrgPolicyRequest"
1109 }, 1109 },
1110 "response": { 1110 "response": {
1111 "$ref": "Project" 1111 "$ref": "OrgPolicy"
1112 }, 1112 },
1113 "scopes": [ 1113 "scopes": [
1114 "https://www.googleapis.com/auth/cloud-platform" 1114 "https://www.googleapis.com/auth/cloud-platform"
1115 ] 1115 ]
1116 } 1116 }
1117 } 1117 }
1118 } 1118 }
1119 }, 1119 },
1120 "revision": "20170726", 1120 "revision": "20170814",
1121 "rootUrl": "https://cloudresourcemanager.googleapis.com/", 1121 "rootUrl": "https://cloudresourcemanager.googleapis.com/",
1122 "schemas": { 1122 "schemas": {
1123 "ProjectCreationStatus": { 1123 "GetAncestryRequest": {
1124 "description": "A status object which is used as the `metadata` fiel d for the Operation\nreturned by CreateProject. It provides insight for when sig nificant phases of\nProject creation have completed.", 1124 "description": "The request sent to the\nGetAncestry\nmethod.",
1125 "id": "ProjectCreationStatus", 1125 "id": "GetAncestryRequest",
1126 "properties": {
1127 "ready": {
1128 "description": "True if the project creation process is comp lete.",
1129 "type": "boolean"
1130 },
1131 "gettable": {
1132 "description": "True if the project can be retrieved using G etProject. No other operations\non the project are guaranteed to work until the project creation is\ncomplete.",
1133 "type": "boolean"
1134 },
1135 "createTime": {
1136 "description": "Creation time of the project creation workfl ow.",
1137 "format": "google-datetime",
1138 "type": "string"
1139 }
1140 },
1141 "type": "object"
1142 },
1143 "BooleanConstraint": {
1144 "description": "A `Constraint` that is either enforced or not.\n\nFo r example a constraint `constraints/compute.disableSerialPortAccess`.\nIf it is enforced on a VM instance, serial port connections will not be\nopened to that i nstance.",
1145 "id": "BooleanConstraint",
1146 "properties": {}, 1126 "properties": {},
1147 "type": "object" 1127 "type": "object"
1148 }, 1128 },
1149 "GetIamPolicyRequest": { 1129 "TestIamPermissionsRequest": {
1150 "description": "Request message for `GetIamPolicy` method.", 1130 "description": "Request message for `TestIamPermissions` method.",
1151 "id": "GetIamPolicyRequest", 1131 "id": "TestIamPermissionsRequest",
1152 "properties": {},
1153 "type": "object"
1154 },
1155 "TestIamPermissionsResponse": {
1156 "description": "Response message for `TestIamPermissions` method.",
1157 "id": "TestIamPermissionsResponse",
1158 "properties": { 1132 "properties": {
1159 "permissions": { 1133 "permissions": {
1160 "description": "A subset of `TestPermissionsRequest.permissi ons` that the caller is\nallowed.", 1134 "description": "The set of permissions to check for the `res ource`. Permissions with\nwildcards (such as '*' or 'storage.*') are not allowed . For more\ninformation see\n[IAM Overview](https://cloud.google.com/iam/docs/ov erview#permissions).",
1161 "items": { 1135 "items": {
1162 "type": "string" 1136 "type": "string"
1163 }, 1137 },
1164 "type": "array" 1138 "type": "array"
1165 } 1139 }
1166 }, 1140 },
1167 "type": "object" 1141 "type": "object"
1168 }, 1142 },
1143 "ListAvailableOrgPolicyConstraintsRequest": {
1144 "description": "The request sent to the [ListAvailableOrgPolicyConst raints]\ngoogle.cloud.OrgPolicy.v1.ListAvailableOrgPolicyConstraints] method.",
1145 "id": "ListAvailableOrgPolicyConstraintsRequest",
1146 "properties": {
1147 "pageSize": {
1148 "description": "Size of the pages to be returned. This is cu rrently unsupported and will\nbe ignored. The server may at any point start usin g this field to limit\npage size.",
1149 "format": "int32",
1150 "type": "integer"
1151 },
1152 "pageToken": {
1153 "description": "Page token used to retrieve the next page. T his is currently unsupported\nand will be ignored. The server may at any point s tart using this field.",
1154 "type": "string"
1155 }
1156 },
1157 "type": "object"
1158 },
1159 "Policy": {
1160 "description": "Defines an Identity and Access Management (IAM) poli cy. It is used to\nspecify access control policies for Cloud Platform resources. \n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of\n `members` to a `role`, where the members can be user accounts, Google groups,\nG oogle domains, and service accounts. A `role` is a named list of permissions\nde fined by IAM.\n\n**Example**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/owner\",\n \"members\": [\n \"user:mike @example.com\",\n \"group:admins@example.com\",\n \"domain :google.com\",\n \"serviceAccount:my-other-app@appspot.gserviceaccoun t.com\",\n ]\n },\n {\n \"role\": \"roles/viewer \",\n \"members\": [\"user:sean@example.com\"]\n }\n ]\n }\n\nFor a description of IAM and its features, see the\n[IAM developer's guide ](https://cloud.google.com/iam).",
1161 "id": "Policy",
1162 "properties": {
1163 "etag": {
1164 "description": "`etag` is used for optimistic concurrency co ntrol as a way to help\nprevent simultaneous updates of a policy from overwritin g each other.\nIt is strongly suggested that systems make use of the `etag` in t he\nread-modify-write cycle to perform policy updates in order to avoid race\nco nditions: An `etag` is returned in the response to `getIamPolicy`, and\nsystems are expected to put that etag in the request to `setIamPolicy` to\nensure that t heir change will be applied to the same version of the policy.\n\nIf no `etag` i s provided in the call to `setIamPolicy`, then the existing\npolicy is overwritt en blindly.",
1165 "format": "byte",
1166 "type": "string"
1167 },
1168 "version": {
1169 "description": "Version of the `Policy`. The default version is 0.",
1170 "format": "int32",
1171 "type": "integer"
1172 },
1173 "auditConfigs": {
1174 "description": "Specifies cloud audit logging configuration for this policy.",
1175 "items": {
1176 "$ref": "AuditConfig"
1177 },
1178 "type": "array"
1179 },
1180 "bindings": {
1181 "description": "Associates a list of `members` to a `role`.\ n`bindings` with no members will result in an error.",
1182 "items": {
1183 "$ref": "Binding"
1184 },
1185 "type": "array"
1186 }
1187 },
1188 "type": "object"
1189 },
1190 "FolderOperation": {
1191 "description": "Metadata describing a long running folder operation" ,
1192 "id": "FolderOperation",
1193 "properties": {
1194 "operationType": {
1195 "description": "The type of this operation.",
1196 "enum": [
1197 "OPERATION_TYPE_UNSPECIFIED",
1198 "CREATE",
1199 "MOVE"
1200 ],
1201 "enumDescriptions": [
1202 "Operation type not specified.",
1203 "A create folder operation.",
1204 "A move folder operation."
1205 ],
1206 "type": "string"
1207 },
1208 "sourceParent": {
1209 "description": "The resource name of the folder's parent.\nO nly applicable when the operation_type is MOVE.",
1210 "type": "string"
1211 },
1212 "displayName": {
1213 "description": "The display name of the folder.",
1214 "type": "string"
1215 },
1216 "destinationParent": {
1217 "description": "The resource name of the folder or organizat ion we are either creating\nthe folder under or moving the folder to.",
1218 "type": "string"
1219 }
1220 },
1221 "type": "object"
1222 },
1223 "ResourceId": {
1224 "description": "A container to reference an id for any resource type . A `resource` in Google\nCloud Platform is a generic term for something you (a developer) may want to\ninteract with through one of our API's. Some examples ar e an App Engine app,\na Compute Engine instance, a Cloud SQL database, and so on .",
1225 "id": "ResourceId",
1226 "properties": {
1227 "type": {
1228 "description": "Required field representing the resource typ e this id is for.\nAt present, the valid types are: \"organization\"",
1229 "type": "string"
1230 },
1231 "id": {
1232 "description": "Required field for the type-specific id. Thi s should correspond to the id\nused in the type-specific API's.",
1233 "type": "string"
1234 }
1235 },
1236 "type": "object"
1237 },
1238 "GetEffectiveOrgPolicyRequest": {
1239 "description": "The request sent to the GetEffectiveOrgPolicy method .",
1240 "id": "GetEffectiveOrgPolicyRequest",
1241 "properties": {
1242 "constraint": {
1243 "description": "The name of the `Constraint` to compute the effective `Policy`.",
1244 "type": "string"
1245 }
1246 },
1247 "type": "object"
1248 },
1249 "ListOrgPoliciesRequest": {
1250 "description": "The request sent to the ListOrgPolicies method.",
1251 "id": "ListOrgPoliciesRequest",
1252 "properties": {
1253 "pageToken": {
1254 "description": "Page token used to retrieve the next page. T his is currently unsupported\nand will be ignored. The server may at any point s tart using this field.",
1255 "type": "string"
1256 },
1257 "pageSize": {
1258 "description": "Size of the pages to be returned. This is cu rrently unsupported and will\nbe ignored. The server may at any point start usin g this field to limit\npage size.",
1259 "format": "int32",
1260 "type": "integer"
1261 }
1262 },
1263 "type": "object"
1264 },
1265 "Operation": {
1266 "description": "This resource represents a long-running operation th at is the result of a\nnetwork API call.",
1267 "id": "Operation",
1268 "properties": {
1269 "error": {
1270 "$ref": "Status",
1271 "description": "The error result of the operation in case of failure or cancellation."
1272 },
1273 "metadata": {
1274 "additionalProperties": {
1275 "description": "Properties of the object. Contains field @type with type URL.",
1276 "type": "any"
1277 },
1278 "description": "Service-specific metadata associated with th e operation. It typically\ncontains progress information and common metadata su ch as create time.\nSome services might not provide such metadata. Any method t hat returns a\nlong-running operation should document the metadata type, if any. ",
1279 "type": "object"
1280 },
1281 "done": {
1282 "description": "If the value is `false`, it means the operat ion is still in progress.\nIf true, the operation is completed, and either `erro r` or `response` is\navailable.",
1283 "type": "boolean"
1284 },
1285 "response": {
1286 "additionalProperties": {
1287 "description": "Properties of the object. Contains field @type with type URL.",
1288 "type": "any"
1289 },
1290 "description": "The normal response of the operation in case of success. If the original\nmethod returns no data on success, such as `Delet e`, the response is\n`google.protobuf.Empty`. If the original method is standar d\n`Get`/`Create`/`Update`, the response should be the resource. For other\nmet hods, the response should have the type `XxxResponse`, where `Xxx`\nis the origi nal method name. For example, if the original method name\nis `TakeSnapshot()`, the inferred response type is\n`TakeSnapshotResponse`.",
1291 "type": "object"
1292 },
1293 "name": {
1294 "description": "The server-assigned name, which is only uniq ue within the same service that\noriginally returns it. If you use the default H TTP mapping, the\n`name` should have the format of `operations/some/unique/name` .",
1295 "type": "string"
1296 }
1297 },
1298 "type": "object"
1299 },
1300 "AuditConfig": {
1301 "description": "Specifies the audit configuration for a service.\nTh e configuration determines which permission types are logged, and what\nidentiti es, if any, are exempted from logging.\nAn AuditConfig must have one or more Aud itLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_t ypes\nspecified in each AuditConfig are enabled, and the exempted_members in eac h\nAuditConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n {\n \"audit_configs\": [\n {\n \"service\": \"allServices \"\n \"audit_log_configs\": [\n {\n \"log_type\ ": \"DATA_READ\",\n \"exempted_members\": [\n \"user :foo@gmail.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n },\n {\n \"lo g_type\": \"ADMIN_READ\",\n }\n ]\n },\n {\n \"service\": \"fooservice.googleapis.com\"\n \"audit_log_config s\": [\n {\n \"log_type\": \"DATA_READ\",\n } ,\n {\n \"log_type\": \"DATA_WRITE\",\n \"e xempted_members\": [\n \"user:bar@gmail.com\"\n ]\n }\n ]\n }\n ]\n }\n\nFor fooservice, this pol icy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts foo@g mail.com from DATA_READ logging, and\nbar@gmail.com from DATA_WRITE logging.",
1302 "id": "AuditConfig",
1303 "properties": {
1304 "service": {
1305 "description": "Specifies a service that will be enabled for audit logging.\nFor example, `storage.googleapis.com`, `cloudsql.googleapis.com `.\n`allServices` is a special value that covers all services.",
1306 "type": "string"
1307 },
1308 "auditLogConfigs": {
1309 "description": "The configuration for logging of each type o f permission.\nNext ID: 4",
1310 "items": {
1311 "$ref": "AuditLogConfig"
1312 },
1313 "type": "array"
1314 }
1315 },
1316 "type": "object"
1317 },
1318 "Constraint": {
1319 "description": "A `Constraint` describes a way in which a resource's configuration can be\nrestricted. For example, it controls which cloud services can be activated\nacross an organization, or whether a Compute Engine instance can have\nserial port connections established. `Constraints` can be configured b y the\norganization's policy adminstrator to fit the needs of the organzation by \nsetting Policies for `Constraints` at different locations in the\norganization 's resource hierarchy. Policies are inherited down the resource\nhierarchy from higher levels, but can also be overridden. For details about\nthe inheritance ru les please read about\nPolicies.\n\n`Constraints` have a default behavior determ ined by the `constraint_default`\nfield, which is the enforcement behavior that is used in the absence of a\n`Policy` being defined or inherited for the resourc e in question.",
1320 "id": "Constraint",
1321 "properties": {
1322 "description": {
1323 "description": "Detailed description of what this `Constrain t` controls as well as how and\nwhere it is enforced.\n\nMutable.",
1324 "type": "string"
1325 },
1326 "displayName": {
1327 "description": "The human readable name.\n\nMutable.",
1328 "type": "string"
1329 },
1330 "booleanConstraint": {
1331 "$ref": "BooleanConstraint",
1332 "description": "Defines this constraint as being a BooleanCo nstraint."
1333 },
1334 "constraintDefault": {
1335 "description": "The evaluation behavior of this constraint i n the absense of 'Policy'.",
1336 "enum": [
1337 "CONSTRAINT_DEFAULT_UNSPECIFIED",
1338 "ALLOW",
1339 "DENY"
1340 ],
1341 "enumDescriptions": [
1342 "This is only used for distinguishing unset values and s hould never be\nused.",
1343 "Indicate that all values are allowed for list constrain ts.\nIndicate that enforcement is off for boolean constraints.",
1344 "Indicate that all values are denied for list constraint s.\nIndicate that enforcement is on for boolean constraints."
1345 ],
1346 "type": "string"
1347 },
1348 "name": {
1349 "description": "Immutable value, required to globally be uni que. For example,\n`constraints/serviceuser.services`",
1350 "type": "string"
1351 },
1352 "version": {
1353 "description": "Version of the `Constraint`. Default version is 0;",
1354 "format": "int32",
1355 "type": "integer"
1356 },
1357 "listConstraint": {
1358 "$ref": "ListConstraint",
1359 "description": "Defines this constraint as being a ListConst raint."
1360 }
1361 },
1362 "type": "object"
1363 },
1364 "ListLiensResponse": {
1365 "description": "The response message for Liens.ListLiens.",
1366 "id": "ListLiensResponse",
1367 "properties": {
1368 "liens": {
1369 "description": "A list of Liens.",
1370 "items": {
1371 "$ref": "Lien"
1372 },
1373 "type": "array"
1374 },
1375 "nextPageToken": {
1376 "description": "Token to retrieve the next page of results, or empty if there are no more\nresults in the list.",
1377 "type": "string"
1378 }
1379 },
1380 "type": "object"
1381 },
1382 "Status": {
1383 "description": "The `Status` type defines a logical error model that is suitable for different\nprogramming environments, including REST APIs and RP C APIs. It is used by\n[gRPC](https://github.com/grpc). The error model is desig ned to be:\n\n- Simple to use and understand for most users\n- Flexible enough t o meet unexpected needs\n\n# Overview\n\nThe `Status` message contains three pie ces of data: error code, error message,\nand error details. The error code shoul d be an enum value of\ngoogle.rpc.Code, but it may accept additional error codes if needed. The\nerror message should be a developer-facing English message tha t helps\ndevelopers *understand* and *resolve* the error. If a localized user-fa cing\nerror message is needed, put the localized message in the error details or \nlocalize it in the client. The optional error details may contain arbitrary\ni nformation about the error. There is a predefined set of error detail types\nin the package `google.rpc` that can be used for common error conditions.\n\n# Lang uage mapping\n\nThe `Status` message is the logical representation of the error model, but it\nis not necessarily the actual wire format. When the `Status` mess age is\nexposed in different client libraries and different wire protocols, it c an be\nmapped differently. For example, it will likely be mapped to some excepti ons\nin Java, but more likely mapped to some error codes in C.\n\n# Other uses\n \nThe error model and the `Status` message can be used in a variety of\nenvironm ents, either with or without APIs, to provide a\nconsistent developer experience across different environments.\n\nExample uses of this error model include:\n\n - Partial errors. If a service needs to return partial errors to the client,\n it may embed the `Status` in the normal response to indicate the partial\n errors.\n\n- Workflow errors. A typical workflow has multiple steps. Each step m ay\n have a `Status` message for error reporting.\n\n- Batch operations. If a client uses batch request and batch response, the\n `Status` message should be used directly inside batch response, one for\n each error sub-response.\n\ n- Asynchronous operations. If an API call embeds asynchronous operation\n re sults in its response, the status of those operations should be\n represented directly using the `Status` message.\n\n- Logging. If some API errors are store d in logs, the message `Status` could\n be used directly after any stripping needed for security/privacy reasons.",
1384 "id": "Status",
1385 "properties": {
1386 "details": {
1387 "description": "A list of messages that carry the error deta ils. There is a common set of\nmessage types for APIs to use.",
1388 "items": {
1389 "additionalProperties": {
1390 "description": "Properties of the object. Contains f ield @type with type URL.",
1391 "type": "any"
1392 },
1393 "type": "object"
1394 },
1395 "type": "array"
1396 },
1397 "code": {
1398 "description": "The status code, which should be an enum val ue of google.rpc.Code.",
1399 "format": "int32",
1400 "type": "integer"
1401 },
1402 "message": {
1403 "description": "A developer-facing error message, which shou ld be in English. Any\nuser-facing error message should be localized and sent in the\ngoogle.rpc.Status.details field, or localized by the client.",
1404 "type": "string"
1405 }
1406 },
1407 "type": "object"
1408 },
1409 "Binding": {
1410 "description": "Associates `members` with a `role`.",
1411 "id": "Binding",
1412 "properties": {
1413 "members": {
1414 "description": "Specifies the identities requesting access f or a Cloud Platform resource.\n`members` can have the following values:\n\n* `al lUsers`: A special identifier that represents anyone who is\n on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special ident ifier that represents anyone\n who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a spec ific Google\n account. For example, `alice@gmail.com` or `joe@example.com`.\n\ n\n* `serviceAccount:{emailid}`: An email address that represents a service\n account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{e mailid}`: An email address that represents a Google group.\n For example, `adm ins@example.com`.\n\n\n* `domain:{domain}`: A Google Apps domain name that repre sents all the\n users of that domain. For example, `google.com` or `example.co m`.\n\n",
1415 "items": {
1416 "type": "string"
1417 },
1418 "type": "array"
1419 },
1420 "role": {
1421 "description": "Role that is assigned to `members`.\nFor exa mple, `roles/viewer`, `roles/editor`, or `roles/owner`.\nRequired",
1422 "type": "string"
1423 }
1424 },
1425 "type": "object"
1426 },
1427 "RestoreDefault": {
1428 "description": "Ignores policies set above this resource and restore s the\n`constraint_default` enforcement behavior of the specific `Constraint` at \nthis resource.\n\nSuppose that `constraint_default` is set to `ALLOW` for the\ n`Constraint` `constraints/serviceuser.services`. Suppose that organization\nfoo .com sets a `Policy` at their Organization resource node that restricts\nthe all owed service activations to deny all service activations. They\ncould then set a `Policy` with the `policy_type` `restore_default` on\nseveral experimental proj ects, restoring the `constraint_default`\nenforcement of the `Constraint` for on ly those projects, allowing those\nprojects to have all services activated.",
1429 "id": "RestoreDefault",
1430 "properties": {},
1431 "type": "object"
1432 },
1433 "GetOrgPolicyRequest": {
1434 "description": "The request sent to the GetOrgPolicy method.",
1435 "id": "GetOrgPolicyRequest",
1436 "properties": {
1437 "constraint": {
1438 "description": "Name of the `Constraint` to get the `Policy` .",
1439 "type": "string"
1440 }
1441 },
1442 "type": "object"
1443 },
1444 "ClearOrgPolicyRequest": {
1445 "description": "The request sent to the ClearOrgPolicy method.",
1446 "id": "ClearOrgPolicyRequest",
1447 "properties": {
1448 "etag": {
1449 "description": "The current version, for concurrency control . Not sending an `etag`\nwill cause the `Policy` to be cleared blindly.",
1450 "format": "byte",
1451 "type": "string"
1452 },
1453 "constraint": {
1454 "description": "Name of the `Constraint` of the `Policy` to clear.",
1455 "type": "string"
1456 }
1457 },
1458 "type": "object"
1459 },
1460 "UndeleteProjectRequest": {
1461 "description": "The request sent to the UndeleteProject\nmethod.",
1462 "id": "UndeleteProjectRequest",
1463 "properties": {},
1464 "type": "object"
1465 },
1466 "ProjectCreationStatus": {
1467 "description": "A status object which is used as the `metadata` fiel d for the Operation\nreturned by CreateProject. It provides insight for when sig nificant phases of\nProject creation have completed.",
1468 "id": "ProjectCreationStatus",
1469 "properties": {
1470 "gettable": {
1471 "description": "True if the project can be retrieved using G etProject. No other operations\non the project are guaranteed to work until the project creation is\ncomplete.",
1472 "type": "boolean"
1473 },
1474 "createTime": {
1475 "description": "Creation time of the project creation workfl ow.",
1476 "format": "google-datetime",
1477 "type": "string"
1478 },
1479 "ready": {
1480 "description": "True if the project creation process is comp lete.",
1481 "type": "boolean"
1482 }
1483 },
1484 "type": "object"
1485 },
1486 "BooleanConstraint": {
1487 "description": "A `Constraint` that is either enforced or not.\n\nFo r example a constraint `constraints/compute.disableSerialPortAccess`.\nIf it is enforced on a VM instance, serial port connections will not be\nopened to that i nstance.",
1488 "id": "BooleanConstraint",
1489 "properties": {},
1490 "type": "object"
1491 },
1492 "GetIamPolicyRequest": {
1493 "description": "Request message for `GetIamPolicy` method.",
1494 "id": "GetIamPolicyRequest",
1495 "properties": {},
1496 "type": "object"
1497 },
1498 "TestIamPermissionsResponse": {
1499 "description": "Response message for `TestIamPermissions` method.",
1500 "id": "TestIamPermissionsResponse",
1501 "properties": {
1502 "permissions": {
1503 "description": "A subset of `TestPermissionsRequest.permissi ons` that the caller is\nallowed.",
1504 "items": {
1505 "type": "string"
1506 },
1507 "type": "array"
1508 }
1509 },
1510 "type": "object"
1511 },
1169 "OrganizationOwner": { 1512 "OrganizationOwner": {
1170 "description": "The entity that owns an Organization. The lifetime o f the Organization and\nall of its descendants are bound to the `OrganizationOwn er`. If the\n`OrganizationOwner` is deleted, the Organization and all its descen dants will\nbe deleted.", 1513 "description": "The entity that owns an Organization. The lifetime o f the Organization and\nall of its descendants are bound to the `OrganizationOwn er`. If the\n`OrganizationOwner` is deleted, the Organization and all its descen dants will\nbe deleted.",
1171 "id": "OrganizationOwner", 1514 "id": "OrganizationOwner",
1172 "properties": { 1515 "properties": {
1173 "directoryCustomerId": { 1516 "directoryCustomerId": {
1174 "description": "The Google for Work customer id used in the Directory API.", 1517 "description": "The Google for Work customer id used in the Directory API.",
1175 "type": "string" 1518 "type": "string"
1176 } 1519 }
1177 }, 1520 },
1178 "type": "object" 1521 "type": "object"
1179 }, 1522 },
1180 "ListProjectsResponse": { 1523 "ListProjectsResponse": {
1181 "description": "A page of the response received from the\nListProjec ts\nmethod.\n\nA paginated response where more pages are available has\n`next_pa ge_token` set. This token can be used in a subsequent request to\nretrieve the n ext request page.", 1524 "description": "A page of the response received from the\nListProjec ts\nmethod.\n\nA paginated response where more pages are available has\n`next_pa ge_token` set. This token can be used in a subsequent request to\nretrieve the n ext request page.",
1182 "id": "ListProjectsResponse", 1525 "id": "ListProjectsResponse",
1183 "properties": { 1526 "properties": {
1527 "projects": {
1528 "description": "The list of Projects that matched the list f ilter. This list can\nbe paginated.",
1529 "items": {
1530 "$ref": "Project"
1531 },
1532 "type": "array"
1533 },
1184 "nextPageToken": { 1534 "nextPageToken": {
1185 "description": "Pagination token.\n\nIf the result set is to o large to fit in a single response, this token\nis returned. It encodes the pos ition of the current result cursor.\nFeeding this value into a new list request with the `page_token` parameter\ngives the next page of the results.\n\nWhen `ne xt_page_token` is not filled in, there is no next page and\nthe list returned is the last page in the result set.\n\nPagination tokens have a limited lifetime." , 1535 "description": "Pagination token.\n\nIf the result set is to o large to fit in a single response, this token\nis returned. It encodes the pos ition of the current result cursor.\nFeeding this value into a new list request with the `page_token` parameter\ngives the next page of the results.\n\nWhen `ne xt_page_token` is not filled in, there is no next page and\nthe list returned is the last page in the result set.\n\nPagination tokens have a limited lifetime." ,
1186 "type": "string" 1536 "type": "string"
1187 },
1188 "projects": {
1189 "description": "The list of Projects that matched the list f ilter. This list can\nbe paginated.",
1190 "items": {
1191 "$ref": "Project"
1192 },
1193 "type": "array"
1194 } 1537 }
1195 }, 1538 },
1196 "type": "object" 1539 "type": "object"
1197 }, 1540 },
1198 "Project": { 1541 "Project": {
1199 "description": "A Project is a high-level Google Cloud Platform enti ty. It is a\ncontainer for ACLs, APIs, App Engine Apps, VMs, and other\nGoogle Cloud Platform resources.", 1542 "description": "A Project is a high-level Google Cloud Platform enti ty. It is a\ncontainer for ACLs, APIs, App Engine Apps, VMs, and other\nGoogle Cloud Platform resources.",
1200 "id": "Project", 1543 "id": "Project",
1201 "properties": { 1544 "properties": {
1202 "name": {
1203 "description": "The user-assigned display name of the Projec t.\nIt must be 4 to 30 characters.\nAllowed characters are: lowercase and upperc ase letters, numbers,\nhyphen, single-quote, double-quote, space, and exclamatio n point.\n\nExample: <code>My Project</code>\nRead-write.",
1204 "type": "string"
1205 },
1206 "projectId": { 1545 "projectId": {
1207 "description": "The unique, user-assigned ID of the Project. \nIt must be 6 to 30 lowercase letters, digits, or hyphens.\nIt must start with a letter.\nTrailing hyphens are prohibited.\n\nExample: <code>tokyo-rain-123</co de>\nRead-only after creation.", 1546 "description": "The unique, user-assigned ID of the Project. \nIt must be 6 to 30 lowercase letters, digits, or hyphens.\nIt must start with a letter.\nTrailing hyphens are prohibited.\n\nExample: <code>tokyo-rain-123</co de>\nRead-only after creation.",
1208 "type": "string" 1547 "type": "string"
1209 }, 1548 },
1210 "lifecycleState": { 1549 "lifecycleState": {
1211 "description": "The Project lifecycle state.\n\nRead-only.", 1550 "description": "The Project lifecycle state.\n\nRead-only.",
1212 "enum": [ 1551 "enum": [
1213 "LIFECYCLE_STATE_UNSPECIFIED", 1552 "LIFECYCLE_STATE_UNSPECIFIED",
1214 "ACTIVE", 1553 "ACTIVE",
1215 "DELETE_REQUESTED", 1554 "DELETE_REQUESTED",
1216 "DELETE_IN_PROGRESS" 1555 "DELETE_IN_PROGRESS"
1217 ], 1556 ],
1218 "enumDescriptions": [ 1557 "enumDescriptions": [
1219 "Unspecified state. This is only used/useful for distin guishing\nunset values.", 1558 "Unspecified state. This is only used/useful for distin guishing\nunset values.",
1220 "The normal and active state.", 1559 "The normal and active state.",
1221 "The project has been marked for deletion by the user\n( by invoking\nDeleteProject)\nor by the system (Google Cloud Platform).\nThis can generally be reversed by invoking UndeleteProject.", 1560 "The project has been marked for deletion by the user\n( by invoking\nDeleteProject)\nor by the system (Google Cloud Platform).\nThis can generally be reversed by invoking UndeleteProject.",
1222 "This lifecycle state is no longer used and not returned by the API." 1561 "This lifecycle state is no longer used and not returned by the API."
1223 ], 1562 ],
1224 "type": "string" 1563 "type": "string"
1225 }, 1564 },
1226 "projectNumber": { 1565 "projectNumber": {
1227 "description": "The number uniquely identifying the project. \n\nExample: <code>415104041262</code>\nRead-only.", 1566 "description": "The number uniquely identifying the project. \n\nExample: <code>415104041262</code>\nRead-only.",
1228 "format": "int64", 1567 "format": "int64",
1229 "type": "string" 1568 "type": "string"
1230 }, 1569 },
1231 "parent": { 1570 "parent": {
1232 "$ref": "ResourceId", 1571 "$ref": "ResourceId",
1233 "description": "An optional reference to a parent Resource.\ n\nThe only supported parent type is \"organization\". Once set, the parent\ncan not be modified. The `parent` can be set on creation or using the\n`UpdateProjec t` method; the end user must have the\n`resourcemanager.projects.create` permiss ion on the parent.\n\nRead-write." 1572 "description": "An optional reference to a parent Resource.\ n\nThe only supported parent type is \"organization\". Once set, the parent\ncan not be modified. The `parent` can be set on creation or using the\n`UpdateProjec t` method; the end user must have the\n`resourcemanager.projects.create` permiss ion on the parent.\n\nRead-write."
1234 }, 1573 },
1574 "labels": {
1575 "additionalProperties": {
1576 "type": "string"
1577 },
1578 "description": "The labels associated with this Project.\n\n Label keys must be between 1 and 63 characters long and must conform\nto the fol lowing regular expression: \\[a-z\\](\\[-a-z0-9\\]*\\[a-z0-9\\])?.\n\nLabel valu es must be between 0 and 63 characters long and must conform\nto the regular exp ression (\\[a-z\\](\\[-a-z0-9\\]*\\[a-z0-9\\])?)?.\n\nNo more than 256 labels ca n be associated with a given resource.\n\nClients should store labels in a repre sentation such as JSON that does not\ndepend on specific characters being disall owed.\n\nExample: <code>\"environment\" : \"dev\"</code>\nRead-write.",
1579 "type": "object"
1580 },
1235 "createTime": { 1581 "createTime": {
1236 "description": "Creation time.\n\nRead-only.", 1582 "description": "Creation time.\n\nRead-only.",
1237 "format": "google-datetime", 1583 "format": "google-datetime",
1238 "type": "string" 1584 "type": "string"
1239 }, 1585 },
1240 "labels": { 1586 "name": {
1241 "additionalProperties": { 1587 "description": "The user-assigned display name of the Projec t.\nIt must be 4 to 30 characters.\nAllowed characters are: lowercase and upperc ase letters, numbers,\nhyphen, single-quote, double-quote, space, and exclamatio n point.\n\nExample: <code>My Project</code>\nRead-write.",
1242 "type": "string" 1588 "type": "string"
1243 }, 1589 }
1244 "description": "The labels associated with this Project.\n\n Label keys must be between 1 and 63 characters long and must conform\nto the fol lowing regular expression: \\[a-z\\](\\[-a-z0-9\\]*\\[a-z0-9\\])?.\n\nLabel valu es must be between 0 and 63 characters long and must conform\nto the regular exp ression (\\[a-z\\](\\[-a-z0-9\\]*\\[a-z0-9\\])?)?.\n\nNo more than 256 labels ca n be associated with a given resource.\n\nClients should store labels in a repre sentation such as JSON that does not\ndepend on specific characters being disall owed.\n\nExample: <code>\"environment\" : \"dev\"</code>\nRead-write.", 1590 },
1245 "type": "object" 1591 "type": "object"
1592 },
1593 "SearchOrganizationsResponse": {
1594 "description": "The response returned from the `SearchOrganizations` method.",
1595 "id": "SearchOrganizationsResponse",
1596 "properties": {
1597 "organizations": {
1598 "description": "The list of Organizations that matched the s earch query, possibly\npaginated.",
1599 "items": {
1600 "$ref": "Organization"
1601 },
1602 "type": "array"
1603 },
1604 "nextPageToken": {
1605 "description": "A pagination token to be used to retrieve th e next page of results. If the\nresult is too large to fit within the page size specified in the request,\nthis field will be set with a token that can be used to fetch the next page\nof results. If this field is empty, it indicates that th is response\ncontains the last page of results.",
1606 "type": "string"
1246 } 1607 }
1247 }, 1608 },
1248 "type": "object" 1609 "type": "object"
1249 }, 1610 },
1250 "ListOrgPoliciesResponse": { 1611 "ListOrgPoliciesResponse": {
1251 "description": "The response returned from the ListOrgPolicies metho d. It will be empty\nif no `Policies` are set on the resource.", 1612 "description": "The response returned from the ListOrgPolicies metho d. It will be empty\nif no `Policies` are set on the resource.",
1252 "id": "ListOrgPoliciesResponse", 1613 "id": "ListOrgPoliciesResponse",
1253 "properties": { 1614 "properties": {
1254 "policies": { 1615 "policies": {
1255 "description": "The `Policies` that are set on the resource. It will be empty if no\n`Policies` are set.", 1616 "description": "The `Policies` that are set on the resource. It will be empty if no\n`Policies` are set.",
1256 "items": { 1617 "items": {
1257 "$ref": "OrgPolicy" 1618 "$ref": "OrgPolicy"
1258 }, 1619 },
1259 "type": "array" 1620 "type": "array"
1260 }, 1621 },
1261 "nextPageToken": { 1622 "nextPageToken": {
1262 "description": "Page token used to retrieve the next page. T his is currently not used, but\nthe server may at any point start supplying a va lid token.", 1623 "description": "Page token used to retrieve the next page. T his is currently not used, but\nthe server may at any point start supplying a va lid token.",
1263 "type": "string" 1624 "type": "string"
1264 } 1625 }
1265 }, 1626 },
1266 "type": "object" 1627 "type": "object"
1267 }, 1628 },
1268 "SearchOrganizationsResponse": {
1269 "description": "The response returned from the `SearchOrganizations` method.",
1270 "id": "SearchOrganizationsResponse",
1271 "properties": {
1272 "nextPageToken": {
1273 "description": "A pagination token to be used to retrieve th e next page of results. If the\nresult is too large to fit within the page size specified in the request,\nthis field will be set with a token that can be used to fetch the next page\nof results. If this field is empty, it indicates that th is response\ncontains the last page of results.",
1274 "type": "string"
1275 },
1276 "organizations": {
1277 "description": "The list of Organizations that matched the s earch query, possibly\npaginated.",
1278 "items": {
1279 "$ref": "Organization"
1280 },
1281 "type": "array"
1282 }
1283 },
1284 "type": "object"
1285 },
1286 "FolderOperationError": { 1629 "FolderOperationError": {
1287 "description": "A classification of the Folder Operation error.", 1630 "description": "A classification of the Folder Operation error.",
1288 "id": "FolderOperationError", 1631 "id": "FolderOperationError",
1289 "properties": { 1632 "properties": {
1290 "errorMessageId": { 1633 "errorMessageId": {
1291 "description": "The type of operation error experienced.", 1634 "description": "The type of operation error experienced.",
1292 "enum": [ 1635 "enum": [
1293 "ERROR_TYPE_UNSPECIFIED", 1636 "ERROR_TYPE_UNSPECIFIED",
1294 "ACTIVE_FOLDER_HEIGHT_VIOLATION", 1637 "ACTIVE_FOLDER_HEIGHT_VIOLATION",
1295 "MAX_CHILD_FOLDERS_VIOLATION", 1638 "MAX_CHILD_FOLDERS_VIOLATION",
(...skipping 15 matching lines...) Expand all
1311 "The attempted action would introduce cycle in resource path.", 1654 "The attempted action would introduce cycle in resource path.",
1312 "The attempted action would move a folder that is alread y being moved.", 1655 "The attempted action would move a folder that is alread y being moved.",
1313 "The folder the caller is trying to delete contains acti ve resources.", 1656 "The folder the caller is trying to delete contains acti ve resources.",
1314 "The attempted action would violate the max deleted fold er depth\nconstraint." 1657 "The attempted action would violate the max deleted fold er depth\nconstraint."
1315 ], 1658 ],
1316 "type": "string" 1659 "type": "string"
1317 } 1660 }
1318 }, 1661 },
1319 "type": "object" 1662 "type": "object"
1320 }, 1663 },
1664 "BooleanPolicy": {
1665 "description": "Used in `policy_type` to specify how `boolean_policy ` will behave at this\nresource.",
1666 "id": "BooleanPolicy",
1667 "properties": {
1668 "enforced": {
1669 "description": "If `true`, then the `Policy` is enforced. If `false`, then any\nconfiguration is acceptable.\n\nSuppose you have a `Constrai nt` `constraints/compute.disableSerialPortAccess`\nwith `constraint_default` set to `ALLOW`. A `Policy` for that\n`Constraint` exhibits the following behavior:\ n - If the `Policy` at this resource has enforced set to `false`, serial\n p ort connection attempts will be allowed.\n - If the `Policy` at this resource h as enforced set to `true`, serial\n port connection attempts will be refused. \n - If the `Policy` at this resource is `RestoreDefault`, serial port\n con nection attempts will be allowed.\n - If no `Policy` is set at this resource or anywhere higher in the\n resource hierarchy, serial port connection attempts will be allowed.\n - If no `Policy` is set at this resource, but one exists hi gher in the\n resource hierarchy, the behavior is as if the`Policy` were set at\n this resource.\n\nThe following examples demonstrate the different possi ble layerings:\n\nExample 1 (nearest `Constraint` wins):\n `organizations/foo` has a `Policy` with:\n {enforced: false}\n `projects/bar` has no `Policy` se t.\nThe constraint at `projects/bar` and `organizations/foo` will not be\nenforc ed.\n\nExample 2 (enforcement gets replaced):\n `organizations/foo` has a `Poli cy` with:\n {enforced: false}\n `projects/bar` has a `Policy` with:\n {en forced: true}\nThe constraint at `organizations/foo` is not enforced.\nThe const raint at `projects/bar` is enforced.\n\nExample 3 (RestoreDefault):\n `organiza tions/foo` has a `Policy` with:\n {enforced: true}\n `projects/bar` has a `P olicy` with:\n {RestoreDefault: {}}\nThe constraint at `organizations/foo` is enforced.\nThe constraint at `projects/bar` is not enforced, because\n`constrai nt_default` for the `Constraint` is `ALLOW`.",
1670 "type": "boolean"
1671 }
1672 },
1673 "type": "object"
1674 },
1321 "OrgPolicy": { 1675 "OrgPolicy": {
1322 "description": "Defines a Cloud Organization `Policy` which is used to specify `Constraints`\nfor configurations of Cloud Platform resources.", 1676 "description": "Defines a Cloud Organization `Policy` which is used to specify `Constraints`\nfor configurations of Cloud Platform resources.",
1323 "id": "OrgPolicy", 1677 "id": "OrgPolicy",
1324 "properties": { 1678 "properties": {
1325 "version": { 1679 "version": {
1326 "description": "Version of the `Policy`. Default version is 0;", 1680 "description": "Version of the `Policy`. Default version is 0;",
1327 "format": "int32", 1681 "format": "int32",
1328 "type": "integer" 1682 "type": "integer"
1329 }, 1683 },
1330 "restoreDefault": { 1684 "restoreDefault": {
(...skipping 18 matching lines...) Expand all
1349 "description": "For boolean `Constraints`, whether to enforc e the `Constraint` or not." 1703 "description": "For boolean `Constraints`, whether to enforc e the `Constraint` or not."
1350 }, 1704 },
1351 "updateTime": { 1705 "updateTime": {
1352 "description": "The time stamp the `Policy` was previously u pdated. This is set by the\nserver, not specified by the caller, and represents the last time a call to\n`SetOrgPolicy` was made for that `Policy`. Any value se t by the client will\nbe ignored.", 1706 "description": "The time stamp the `Policy` was previously u pdated. This is set by the\nserver, not specified by the caller, and represents the last time a call to\n`SetOrgPolicy` was made for that `Policy`. Any value se t by the client will\nbe ignored.",
1353 "format": "google-datetime", 1707 "format": "google-datetime",
1354 "type": "string" 1708 "type": "string"
1355 } 1709 }
1356 }, 1710 },
1357 "type": "object" 1711 "type": "object"
1358 }, 1712 },
1359 "BooleanPolicy": {
1360 "description": "Used in `policy_type` to specify how `boolean_policy ` will behave at this\nresource.",
1361 "id": "BooleanPolicy",
1362 "properties": {
1363 "enforced": {
1364 "description": "If `true`, then the `Policy` is enforced. If `false`, then any\nconfiguration is acceptable.\n\nSuppose you have a `Constrai nt` `constraints/compute.disableSerialPortAccess`\nwith `constraint_default` set to `ALLOW`. A `Policy` for that\n`Constraint` exhibits the following behavior:\ n - If the `Policy` at this resource has enforced set to `false`, serial\n p ort connection attempts will be allowed.\n - If the `Policy` at this resource h as enforced set to `true`, serial\n port connection attempts will be refused. \n - If the `Policy` at this resource is `RestoreDefault`, serial port\n con nection attempts will be allowed.\n - If no `Policy` is set at this resource or anywhere higher in the\n resource hierarchy, serial port connection attempts will be allowed.\n - If no `Policy` is set at this resource, but one exists hi gher in the\n resource hierarchy, the behavior is as if the`Policy` were set at\n this resource.\n\nThe following examples demonstrate the different possi ble layerings:\n\nExample 1 (nearest `Constraint` wins):\n `organizations/foo` has a `Policy` with:\n {enforced: false}\n `projects/bar` has no `Policy` se t.\nThe constraint at `projects/bar` and `organizations/foo` will not be\nenforc ed.\n\nExample 2 (enforcement gets replaced):\n `organizations/foo` has a `Poli cy` with:\n {enforced: false}\n `projects/bar` has a `Policy` with:\n {en forced: true}\nThe constraint at `organizations/foo` is not enforced.\nThe const raint at `projects/bar` is enforced.\n\nExample 3 (RestoreDefault):\n `organiza tions/foo` has a `Policy` with:\n {enforced: true}\n `projects/bar` has a `P olicy` with:\n {RestoreDefault: {}}\nThe constraint at `organizations/foo` is enforced.\nThe constraint at `projects/bar` is not enforced, because\n`constrai nt_default` for the `Constraint` is `ALLOW`.",
1365 "type": "boolean"
1366 }
1367 },
1368 "type": "object"
1369 },
1370 "Lien": { 1713 "Lien": {
1371 "description": "A Lien represents an encumbrance on the actions that can be performed on a\nresource.", 1714 "description": "A Lien represents an encumbrance on the actions that can be performed on a\nresource.",
1372 "id": "Lien", 1715 "id": "Lien",
1373 "properties": { 1716 "properties": {
1374 "parent": { 1717 "parent": {
1375 "description": "A reference to the resource this Lien is att ached to. The server will\nvalidate the parent against those for which Liens are supported.\n\nExample: `projects/1234`", 1718 "description": "A reference to the resource this Lien is att ached to. The server will\nvalidate the parent against those for which Liens are supported.\n\nExample: `projects/1234`",
1376 "type": "string" 1719 "type": "string"
1377 }, 1720 },
1378 "createTime": { 1721 "createTime": {
1379 "description": "The creation time of this Lien.", 1722 "description": "The creation time of this Lien.",
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after
1454 "Empty": { 1797 "Empty": {
1455 "description": "A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use i t as the request\nor the response type of an API method. For instance:\n\n se rvice Foo {\n rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty );\n }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.", 1798 "description": "A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use i t as the request\nor the response type of an API method. For instance:\n\n se rvice Foo {\n rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty );\n }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.",
1456 "id": "Empty", 1799 "id": "Empty",
1457 "properties": {}, 1800 "properties": {},
1458 "type": "object" 1801 "type": "object"
1459 }, 1802 },
1460 "Organization": { 1803 "Organization": {
1461 "description": "The root node in the resource hierarchy to which a p articular entity's\n(e.g., company) resources belong.", 1804 "description": "The root node in the resource hierarchy to which a p articular entity's\n(e.g., company) resources belong.",
1462 "id": "Organization", 1805 "id": "Organization",
1463 "properties": { 1806 "properties": {
1464 "creationTime": {
1465 "description": "Timestamp when the Organization was created. Assigned by the server.\n@OutputOnly",
1466 "format": "google-datetime",
1467 "type": "string"
1468 },
1469 "lifecycleState": { 1807 "lifecycleState": {
1470 "description": "The organization's current lifecycle state. Assigned by the server.\n@OutputOnly", 1808 "description": "The organization's current lifecycle state. Assigned by the server.\n@OutputOnly",
1471 "enum": [ 1809 "enum": [
1472 "LIFECYCLE_STATE_UNSPECIFIED", 1810 "LIFECYCLE_STATE_UNSPECIFIED",
1473 "ACTIVE", 1811 "ACTIVE",
1474 "DELETE_REQUESTED" 1812 "DELETE_REQUESTED"
1475 ], 1813 ],
1476 "enumDescriptions": [ 1814 "enumDescriptions": [
1477 "Unspecified state. This is only useful for distinguish ing unset values.", 1815 "Unspecified state. This is only useful for distinguish ing unset values.",
1478 "The normal and active state.", 1816 "The normal and active state.",
1479 "The organization has been marked for deletion by the us er." 1817 "The organization has been marked for deletion by the us er."
1480 ], 1818 ],
1481 "type": "string" 1819 "type": "string"
1482 }, 1820 },
1483 "owner": { 1821 "owner": {
1484 "$ref": "OrganizationOwner", 1822 "$ref": "OrganizationOwner",
1485 "description": "The owner of this Organization. The owner sh ould be specified on\ncreation. Once set, it cannot be changed.\nThis field is r equired." 1823 "description": "The owner of this Organization. The owner sh ould be specified on\ncreation. Once set, it cannot be changed.\nThis field is r equired."
1486 }, 1824 },
1487 "name": { 1825 "name": {
1488 "description": "Output Only. The resource name of the organi zation. This is the\norganization's relative path in the API. Its format is\n\"o rganizations/[organization_id]\". For example, \"organizations/1234\".", 1826 "description": "Output Only. The resource name of the organi zation. This is the\norganization's relative path in the API. Its format is\n\"o rganizations/[organization_id]\". For example, \"organizations/1234\".",
1489 "type": "string" 1827 "type": "string"
1490 }, 1828 },
1491 "displayName": { 1829 "displayName": {
1492 "description": "A friendly string to be used to refer to the Organization in the UI.\nAssigned by the server, set to the primary domain of t he G Suite\ncustomer that owns the organization.\n@OutputOnly", 1830 "description": "A friendly string to be used to refer to the Organization in the UI.\nAssigned by the server, set to the primary domain of t he G Suite\ncustomer that owns the organization.\n@OutputOnly",
1493 "type": "string" 1831 "type": "string"
1832 },
1833 "creationTime": {
1834 "description": "Timestamp when the Organization was created. Assigned by the server.\n@OutputOnly",
1835 "format": "google-datetime",
1836 "type": "string"
1494 } 1837 }
1495 }, 1838 },
1496 "type": "object" 1839 "type": "object"
1497 }, 1840 },
1498 "ListAvailableOrgPolicyConstraintsResponse": { 1841 "ListAvailableOrgPolicyConstraintsResponse": {
1499 "description": "The response returned from the ListAvailableOrgPolic yConstraints method.\nReturns all `Constraints` that could be set at this level of the hierarchy\n(contrast with the response from `ListPolicies`, which returns all policies\nwhich are set).", 1842 "description": "The response returned from the ListAvailableOrgPolic yConstraints method.\nReturns all `Constraints` that could be set at this level of the hierarchy\n(contrast with the response from `ListPolicies`, which returns all policies\nwhich are set).",
1500 "id": "ListAvailableOrgPolicyConstraintsResponse", 1843 "id": "ListAvailableOrgPolicyConstraintsResponse",
1501 "properties": { 1844 "properties": {
1502 "constraints": { 1845 "constraints": {
1503 "description": "The collection of constraints that are setta ble on the request resource.", 1846 "description": "The collection of constraints that are setta ble on the request resource.",
1504 "items": { 1847 "items": {
1505 "$ref": "Constraint" 1848 "$ref": "Constraint"
1506 }, 1849 },
1507 "type": "array" 1850 "type": "array"
1508 }, 1851 },
1509 "nextPageToken": { 1852 "nextPageToken": {
1510 "description": "Page token used to retrieve the next page. T his is currently not used.", 1853 "description": "Page token used to retrieve the next page. T his is currently not used.",
1511 "type": "string" 1854 "type": "string"
1512 } 1855 }
1513 }, 1856 },
1514 "type": "object" 1857 "type": "object"
1515 }, 1858 },
1516 "ListPolicy": { 1859 "ListPolicy": {
1517 "description": "Used in `policy_type` to specify how `list_policy` b ehaves at this\nresource.\n\nA `ListPolicy` can define specific values that are allowed or denied by\nsetting either the `allowed_values` or `denied_values` fie lds. It can also\nbe used to allow or deny all values, by setting the `all_value s` field. If\n`all_values` is `ALL_VALUES_UNSPECIFIED`, exactly one of `allowed_ values`\nor `denied_values` must be set (attempting to set both or neither will\ nresult in a failed request). If `all_values` is set to either `ALLOW` or\n`DENY `, `allowed_values` and `denied_values` must be unset.", 1860 "description": "Used in `policy_type` to specify how `list_policy` b ehaves at this\nresource.\n\nA `ListPolicy` can define specific values that are allowed or denied by\nsetting either the `allowed_values` or `denied_values` fie lds. It can also\nbe used to allow or deny all values, by setting the `all_value s` field. If\n`all_values` is `ALL_VALUES_UNSPECIFIED`, exactly one of `allowed_ values`\nor `denied_values` must be set (attempting to set both or neither will\ nresult in a failed request). If `all_values` is set to either `ALLOW` or\n`DENY `, `allowed_values` and `denied_values` must be unset.",
1518 "id": "ListPolicy", 1861 "id": "ListPolicy",
1519 "properties": { 1862 "properties": {
1863 "deniedValues": {
1864 "description": "List of values denied at this resource. Can only be set if no values are\nset for `allowed_values` and `all_values` is set t o\n`ALL_VALUES_UNSPECIFIED`.",
1865 "items": {
1866 "type": "string"
1867 },
1868 "type": "array"
1869 },
1520 "allValues": { 1870 "allValues": {
1521 "description": "The policy all_values state.", 1871 "description": "The policy all_values state.",
1522 "enum": [ 1872 "enum": [
1523 "ALL_VALUES_UNSPECIFIED", 1873 "ALL_VALUES_UNSPECIFIED",
1524 "ALLOW", 1874 "ALLOW",
1525 "DENY" 1875 "DENY"
1526 ], 1876 ],
1527 "enumDescriptions": [ 1877 "enumDescriptions": [
1528 "Indicates that either allowed_values or denied_values m ust be set.", 1878 "Indicates that either allowed_values or denied_values m ust be set.",
1529 "A policy with this set allows all values.", 1879 "A policy with this set allows all values.",
1530 "A policy with this set denies all values." 1880 "A policy with this set denies all values."
1531 ], 1881 ],
1532 "type": "string" 1882 "type": "string"
1533 }, 1883 },
1534 "allowedValues": { 1884 "allowedValues": {
1535 "description": "List of values allowed at this resource. Ca n only be set if no values\nare set for `denied_values` and `all_values` is set to\n`ALL_VALUES_UNSPECIFIED`.", 1885 "description": "List of values allowed at this resource. Ca n only be set if no values\nare set for `denied_values` and `all_values` is set to\n`ALL_VALUES_UNSPECIFIED`.",
1536 "items": { 1886 "items": {
1537 "type": "string" 1887 "type": "string"
1538 }, 1888 },
1539 "type": "array" 1889 "type": "array"
1540 }, 1890 },
1541 "inheritFromParent": { 1891 "inheritFromParent": {
1542 "description": "Determines the inheritance behavior for this `Policy`.\n\nBy default, a `ListPolicy` set at a resource supercedes any `Polic y` set\nanywhere up the resource hierarchy. However, if `inherit_from_parent` is \nset to `true`, then the values from the effective `Policy` of the parent\nreso urce are inherited, meaning the values set in this `Policy` are\nadded to the va lues inherited up the hierarchy.\n\nSetting `Policy` hierarchies that inherit bo th allowed values and denied\nvalues isn't recommended in most circumstances to keep the configuration\nsimple and understandable. However, it is possible to se t a `Policy` with\n`allowed_values` set that inherits a `Policy` with `denied_va lues` set.\nIn this case, the values that are allowed must be in `allowed_values ` and\nnot present in `denied_values`.\n\nFor example, suppose you have a `Const raint`\n`constraints/serviceuser.services`, which has a `constraint_type` of\n`l ist_constraint`, and with `constraint_default` set to `ALLOW`.\nSuppose that at the Organization level, a `Policy` is applied that\nrestricts the allowed API ac tivations to {`E1`, `E2`}. Then, if a\n`Policy` is applied to a project below th e Organization that has\n`inherit_from_parent` set to `false` and field all_valu es set to DENY,\nthen an attempt to activate any API will be denied.\n\nThe foll owing examples demonstrate different possible layerings:\n\nExample 1 (no inheri ted values):\n `organizations/foo` has a `Policy` with values:\n {allowed_va lues: “E1” allowed_values:”E2”}\n ``projects/bar`` has `inherit_from_parent` `f alse` and values:\n {allowed_values: \"E3\" allowed_values: \"E4\"}\nThe acce pted values at `organizations/foo` are `E1`, `E2`.\nThe accepted values at `proj ects/bar` are `E3`, and `E4`.\n\nExample 2 (inherited values):\n `organizations /foo` has a `Policy` with values:\n {allowed_values: “E1” allowed_values:”E2” }\n `projects/bar` has a `Policy` with values:\n {value: “E3” value: ”E4” in herit_from_parent: true}\nThe accepted values at `organizations/foo` are `E1`, ` E2`.\nThe accepted values at `projects/bar` are `E1`, `E2`, `E3`, and `E4`.\n\nE xample 3 (inheriting both allowed and denied values):\n `organizations/foo` has a `Policy` with values:\n {allowed_values: \"E1\" allowed_values: \"E2\"}\n `projects/bar` has a `Policy` with:\n {denied_values: \"E1\"}\nThe accepted values at `organizations/foo` are `E1`, `E2`.\nThe value accepted at `projects/b ar` is `E2`.\n\nExample 4 (RestoreDefault):\n `organizations/foo` has a `Policy ` with values:\n {allowed_values: “E1” allowed_values:”E2”}\n `projects/bar` has a `Policy` with values:\n {RestoreDefault: {}}\nThe accepted values at ` organizations/foo` are `E1`, `E2`.\nThe accepted values at `projects/bar` are ei ther all or none depending on\nthe value of `constraint_default` (if `ALLOW`, al l; if\n`DENY`, none).\n\nExample 5 (no policy inherits parent policy):\n `organ izations/foo` has no `Policy` set.\n `projects/bar` has no `Policy` set.\nThe a ccepted values at both levels are either all or none depending on\nthe value of `constraint_default` (if `ALLOW`, all; if\n`DENY`, none).\n\nExample 6 (ListCons traint allowing all):\n `organizations/foo` has a `Policy` with values:\n {a llowed_values: “E1” allowed_values: ”E2”}\n `projects/bar` has a `Policy` with: \n {all: ALLOW}\nThe accepted values at `organizations/foo` are `E1`, E2`.\nA ny value is accepted at `projects/bar`.\n\nExample 7 (ListConstraint allowing no ne):\n `organizations/foo` has a `Policy` with values:\n {allowed_values: “E 1” allowed_values: ”E2”}\n `projects/bar` has a `Policy` with:\n {all: DENY} \nThe accepted values at `organizations/foo` are `E1`, E2`.\nNo value is accepte d at `projects/bar`.", 1892 "description": "Determines the inheritance behavior for this `Policy`.\n\nBy default, a `ListPolicy` set at a resource supercedes any `Polic y` set\nanywhere up the resource hierarchy. However, if `inherit_from_parent` is \nset to `true`, then the values from the effective `Policy` of the parent\nreso urce are inherited, meaning the values set in this `Policy` are\nadded to the va lues inherited up the hierarchy.\n\nSetting `Policy` hierarchies that inherit bo th allowed values and denied\nvalues isn't recommended in most circumstances to keep the configuration\nsimple and understandable. However, it is possible to se t a `Policy` with\n`allowed_values` set that inherits a `Policy` with `denied_va lues` set.\nIn this case, the values that are allowed must be in `allowed_values ` and\nnot present in `denied_values`.\n\nFor example, suppose you have a `Const raint`\n`constraints/serviceuser.services`, which has a `constraint_type` of\n`l ist_constraint`, and with `constraint_default` set to `ALLOW`.\nSuppose that at the Organization level, a `Policy` is applied that\nrestricts the allowed API ac tivations to {`E1`, `E2`}. Then, if a\n`Policy` is applied to a project below th e Organization that has\n`inherit_from_parent` set to `false` and field all_valu es set to DENY,\nthen an attempt to activate any API will be denied.\n\nThe foll owing examples demonstrate different possible layerings:\n\nExample 1 (no inheri ted values):\n `organizations/foo` has a `Policy` with values:\n {allowed_va lues: “E1” allowed_values:”E2”}\n ``projects/bar`` has `inherit_from_parent` `f alse` and values:\n {allowed_values: \"E3\" allowed_values: \"E4\"}\nThe acce pted values at `organizations/foo` are `E1`, `E2`.\nThe accepted values at `proj ects/bar` are `E3`, and `E4`.\n\nExample 2 (inherited values):\n `organizations /foo` has a `Policy` with values:\n {allowed_values: “E1” allowed_values:”E2” }\n `projects/bar` has a `Policy` with values:\n {value: “E3” value: ”E4” in herit_from_parent: true}\nThe accepted values at `organizations/foo` are `E1`, ` E2`.\nThe accepted values at `projects/bar` are `E1`, `E2`, `E3`, and `E4`.\n\nE xample 3 (inheriting both allowed and denied values):\n `organizations/foo` has a `Policy` with values:\n {allowed_values: \"E1\" allowed_values: \"E2\"}\n `projects/bar` has a `Policy` with:\n {denied_values: \"E1\"}\nThe accepted values at `organizations/foo` are `E1`, `E2`.\nThe value accepted at `projects/b ar` is `E2`.\n\nExample 4 (RestoreDefault):\n `organizations/foo` has a `Policy ` with values:\n {allowed_values: “E1” allowed_values:”E2”}\n `projects/bar` has a `Policy` with values:\n {RestoreDefault: {}}\nThe accepted values at ` organizations/foo` are `E1`, `E2`.\nThe accepted values at `projects/bar` are ei ther all or none depending on\nthe value of `constraint_default` (if `ALLOW`, al l; if\n`DENY`, none).\n\nExample 5 (no policy inherits parent policy):\n `organ izations/foo` has no `Policy` set.\n `projects/bar` has no `Policy` set.\nThe a ccepted values at both levels are either all or none depending on\nthe value of `constraint_default` (if `ALLOW`, all; if\n`DENY`, none).\n\nExample 6 (ListCons traint allowing all):\n `organizations/foo` has a `Policy` with values:\n {a llowed_values: “E1” allowed_values: ”E2”}\n `projects/bar` has a `Policy` with: \n {all: ALLOW}\nThe accepted values at `organizations/foo` are `E1`, E2`.\nA ny value is accepted at `projects/bar`.\n\nExample 7 (ListConstraint allowing no ne):\n `organizations/foo` has a `Policy` with values:\n {allowed_values: “E 1” allowed_values: ”E2”}\n `projects/bar` has a `Policy` with:\n {all: DENY} \nThe accepted values at `organizations/foo` are `E1`, E2`.\nNo value is accepte d at `projects/bar`.",
1543 "type": "boolean" 1893 "type": "boolean"
1544 }, 1894 },
1545 "suggestedValue": { 1895 "suggestedValue": {
1546 "description": "Optional. The Google Cloud Console will try to default to a configuration\nthat matches the value specified in this `Policy` . If `suggested_value`\nis not set, it will inherit the value specified higher i n the hierarchy,\nunless `inherit_from_parent` is `false`.", 1896 "description": "Optional. The Google Cloud Console will try to default to a configuration\nthat matches the value specified in this `Policy` . If `suggested_value`\nis not set, it will inherit the value specified higher i n the hierarchy,\nunless `inherit_from_parent` is `false`.",
1547 "type": "string" 1897 "type": "string"
1548 },
1549 "deniedValues": {
1550 "description": "List of values denied at this resource. Can only be set if no values are\nset for `allowed_values` and `all_values` is set t o\n`ALL_VALUES_UNSPECIFIED`.",
1551 "items": {
1552 "type": "string"
1553 },
1554 "type": "array"
1555 } 1898 }
1556 }, 1899 },
1557 "type": "object" 1900 "type": "object"
1558 }, 1901 },
1559 "GetAncestryResponse": { 1902 "GetAncestryResponse": {
1560 "description": "Response from the GetAncestry method.", 1903 "description": "Response from the GetAncestry method.",
1561 "id": "GetAncestryResponse", 1904 "id": "GetAncestryResponse",
1562 "properties": { 1905 "properties": {
1563 "ancestor": { 1906 "ancestor": {
1564 "description": "Ancestors are ordered from bottom to top of the resource hierarchy. The\nfirst ancestor is the project itself, followed by t he project's parent,\netc.", 1907 "description": "Ancestors are ordered from bottom to top of the resource hierarchy. The\nfirst ancestor is the project itself, followed by t he project's parent,\netc.",
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
1597 }, 1940 },
1598 "type": "array" 1941 "type": "array"
1599 } 1942 }
1600 }, 1943 },
1601 "type": "object" 1944 "type": "object"
1602 }, 1945 },
1603 "SearchOrganizationsRequest": { 1946 "SearchOrganizationsRequest": {
1604 "description": "The request sent to the `SearchOrganizations` method .", 1947 "description": "The request sent to the `SearchOrganizations` method .",
1605 "id": "SearchOrganizationsRequest", 1948 "id": "SearchOrganizationsRequest",
1606 "properties": { 1949 "properties": {
1607 "pageToken": {
1608 "description": "A pagination token returned from a previous call to `SearchOrganizations`\nthat indicates from where listing should continue .\nThis field is optional.",
1609 "type": "string"
1610 },
1611 "pageSize": { 1950 "pageSize": {
1612 "description": "The maximum number of Organizations to retur n in the response.\nThis field is optional.", 1951 "description": "The maximum number of Organizations to retur n in the response.\nThis field is optional.",
1613 "format": "int32", 1952 "format": "int32",
1614 "type": "integer" 1953 "type": "integer"
1615 }, 1954 },
1616 "filter": { 1955 "filter": {
1617 "description": "An optional query string used to filter the Organizations to return in\nthe response. Filter rules are case-insensitive.\n\n \nOrganizations may be filtered by `owner.directoryCustomerId` or by\n`domain`, where the domain is a Google for Work domain, for example:\n\n|Filter|Descriptio n|\n|------|-----------|\n|owner.directorycustomerid:123456789|Organizations wit h\n`owner.directory_customer_id` equal to `123456789`.|\n|domain:google.com|Orga nizations corresponding to the domain `google.com`.|\n\nThis field is optional." , 1956 "description": "An optional query string used to filter the Organizations to return in\nthe response. Filter rules are case-insensitive.\n\n \nOrganizations may be filtered by `owner.directoryCustomerId` or by\n`domain`, where the domain is a Google for Work domain, for example:\n\n|Filter|Descriptio n|\n|------|-----------|\n|owner.directorycustomerid:123456789|Organizations wit h\n`owner.directory_customer_id` equal to `123456789`.|\n|domain:google.com|Orga nizations corresponding to the domain `google.com`.|\n\nThis field is optional." ,
1618 "type": "string" 1957 "type": "string"
1619 } 1958 },
1620 },
1621 "type": "object"
1622 },
1623 "GetAncestryRequest": {
1624 "description": "The request sent to the\nGetAncestry\nmethod.",
1625 "id": "GetAncestryRequest",
1626 "properties": {},
1627 "type": "object"
1628 },
1629 "TestIamPermissionsRequest": {
1630 "description": "Request message for `TestIamPermissions` method.",
1631 "id": "TestIamPermissionsRequest",
1632 "properties": {
1633 "permissions": {
1634 "description": "The set of permissions to check for the `res ource`. Permissions with\nwildcards (such as '*' or 'storage.*') are not allowed . For more\ninformation see\n[IAM Overview](https://cloud.google.com/iam/docs/ov erview#permissions).",
1635 "items": {
1636 "type": "string"
1637 },
1638 "type": "array"
1639 }
1640 },
1641 "type": "object"
1642 },
1643 "ListAvailableOrgPolicyConstraintsRequest": {
1644 "description": "The request sent to the [ListAvailableOrgPolicyConst raints]\ngoogle.cloud.OrgPolicy.v1.ListAvailableOrgPolicyConstraints] method.",
1645 "id": "ListAvailableOrgPolicyConstraintsRequest",
1646 "properties": {
1647 "pageToken": { 1959 "pageToken": {
1648 "description": "Page token used to retrieve the next page. T his is currently unsupported\nand will be ignored. The server may at any point s tart using this field.", 1960 "description": "A pagination token returned from a previous call to `SearchOrganizations`\nthat indicates from where listing should continue .\nThis field is optional.",
1649 "type": "string" 1961 "type": "string"
1650 }, 1962 }
1651 "pageSize": { 1963 },
1652 "description": "Size of the pages to be returned. This is cu rrently unsupported and will\nbe ignored. The server may at any point start usin g this field to limit\npage size.",
1653 "format": "int32",
1654 "type": "integer"
1655 }
1656 },
1657 "type": "object"
1658 },
1659 "Policy": {
1660 "description": "Defines an Identity and Access Management (IAM) poli cy. It is used to\nspecify access control policies for Cloud Platform resources. \n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of\n `members` to a `role`, where the members can be user accounts, Google groups,\nG oogle domains, and service accounts. A `role` is a named list of permissions\nde fined by IAM.\n\n**Example**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/owner\",\n \"members\": [\n \"user:mike @example.com\",\n \"group:admins@example.com\",\n \"domain :google.com\",\n \"serviceAccount:my-other-app@appspot.gserviceaccoun t.com\",\n ]\n },\n {\n \"role\": \"roles/viewer \",\n \"members\": [\"user:sean@example.com\"]\n }\n ]\n }\n\nFor a description of IAM and its features, see the\n[IAM developer's guide ](https://cloud.google.com/iam).",
1661 "id": "Policy",
1662 "properties": {
1663 "bindings": {
1664 "description": "Associates a list of `members` to a `role`.\ n`bindings` with no members will result in an error.",
1665 "items": {
1666 "$ref": "Binding"
1667 },
1668 "type": "array"
1669 },
1670 "etag": {
1671 "description": "`etag` is used for optimistic concurrency co ntrol as a way to help\nprevent simultaneous updates of a policy from overwritin g each other.\nIt is strongly suggested that systems make use of the `etag` in t he\nread-modify-write cycle to perform policy updates in order to avoid race\nco nditions: An `etag` is returned in the response to `getIamPolicy`, and\nsystems are expected to put that etag in the request to `setIamPolicy` to\nensure that t heir change will be applied to the same version of the policy.\n\nIf no `etag` i s provided in the call to `setIamPolicy`, then the existing\npolicy is overwritt en blindly.",
1672 "format": "byte",
1673 "type": "string"
1674 },
1675 "version": {
1676 "description": "Version of the `Policy`. The default version is 0.",
1677 "format": "int32",
1678 "type": "integer"
1679 },
1680 "auditConfigs": {
1681 "description": "Specifies cloud audit logging configuration for this policy.",
1682 "items": {
1683 "$ref": "AuditConfig"
1684 },
1685 "type": "array"
1686 }
1687 },
1688 "type": "object"
1689 },
1690 "FolderOperation": {
1691 "description": "Metadata describing a long running folder operation" ,
1692 "id": "FolderOperation",
1693 "properties": {
1694 "sourceParent": {
1695 "description": "The resource name of the folder's parent.\nO nly applicable when the operation_type is MOVE.",
1696 "type": "string"
1697 },
1698 "displayName": {
1699 "description": "The display name of the folder.",
1700 "type": "string"
1701 },
1702 "destinationParent": {
1703 "description": "The resource name of the folder or organizat ion we are either creating\nthe folder under or moving the folder to.",
1704 "type": "string"
1705 },
1706 "operationType": {
1707 "description": "The type of this operation.",
1708 "enum": [
1709 "OPERATION_TYPE_UNSPECIFIED",
1710 "CREATE",
1711 "MOVE"
1712 ],
1713 "enumDescriptions": [
1714 "Operation type not specified.",
1715 "A create folder operation.",
1716 "A move folder operation."
1717 ],
1718 "type": "string"
1719 }
1720 },
1721 "type": "object"
1722 },
1723 "ResourceId": {
1724 "description": "A container to reference an id for any resource type . A `resource` in Google\nCloud Platform is a generic term for something you (a developer) may want to\ninteract with through one of our API's. Some examples ar e an App Engine app,\na Compute Engine instance, a Cloud SQL database, and so on .",
1725 "id": "ResourceId",
1726 "properties": {
1727 "id": {
1728 "description": "Required field for the type-specific id. Thi s should correspond to the id\nused in the type-specific API's.",
1729 "type": "string"
1730 },
1731 "type": {
1732 "description": "Required field representing the resource typ e this id is for.\nAt present, the valid types are: \"organization\"",
1733 "type": "string"
1734 }
1735 },
1736 "type": "object"
1737 },
1738 "GetEffectiveOrgPolicyRequest": {
1739 "description": "The request sent to the GetEffectiveOrgPolicy method .",
1740 "id": "GetEffectiveOrgPolicyRequest",
1741 "properties": {
1742 "constraint": {
1743 "description": "The name of the `Constraint` to compute the effective `Policy`.",
1744 "type": "string"
1745 }
1746 },
1747 "type": "object"
1748 },
1749 "ListOrgPoliciesRequest": {
1750 "description": "The request sent to the ListOrgPolicies method.",
1751 "id": "ListOrgPoliciesRequest",
1752 "properties": {
1753 "pageToken": {
1754 "description": "Page token used to retrieve the next page. T his is currently unsupported\nand will be ignored. The server may at any point s tart using this field.",
1755 "type": "string"
1756 },
1757 "pageSize": {
1758 "description": "Size of the pages to be returned. This is cu rrently unsupported and will\nbe ignored. The server may at any point start usin g this field to limit\npage size.",
1759 "format": "int32",
1760 "type": "integer"
1761 }
1762 },
1763 "type": "object"
1764 },
1765 "Operation": {
1766 "description": "This resource represents a long-running operation th at is the result of a\nnetwork API call.",
1767 "id": "Operation",
1768 "properties": {
1769 "done": {
1770 "description": "If the value is `false`, it means the operat ion is still in progress.\nIf true, the operation is completed, and either `erro r` or `response` is\navailable.",
1771 "type": "boolean"
1772 },
1773 "response": {
1774 "additionalProperties": {
1775 "description": "Properties of the object. Contains field @type with type URL.",
1776 "type": "any"
1777 },
1778 "description": "The normal response of the operation in case of success. If the original\nmethod returns no data on success, such as `Delet e`, the response is\n`google.protobuf.Empty`. If the original method is standar d\n`Get`/`Create`/`Update`, the response should be the resource. For other\nmet hods, the response should have the type `XxxResponse`, where `Xxx`\nis the origi nal method name. For example, if the original method name\nis `TakeSnapshot()`, the inferred response type is\n`TakeSnapshotResponse`.",
1779 "type": "object"
1780 },
1781 "name": {
1782 "description": "The server-assigned name, which is only uniq ue within the same service that\noriginally returns it. If you use the default H TTP mapping, the\n`name` should have the format of `operations/some/unique/name` .",
1783 "type": "string"
1784 },
1785 "error": {
1786 "$ref": "Status",
1787 "description": "The error result of the operation in case of failure or cancellation."
1788 },
1789 "metadata": {
1790 "additionalProperties": {
1791 "description": "Properties of the object. Contains field @type with type URL.",
1792 "type": "any"
1793 },
1794 "description": "Service-specific metadata associated with th e operation. It typically\ncontains progress information and common metadata su ch as create time.\nSome services might not provide such metadata. Any method t hat returns a\nlong-running operation should document the metadata type, if any. ",
1795 "type": "object"
1796 }
1797 },
1798 "type": "object"
1799 },
1800 "AuditConfig": {
1801 "description": "Specifies the audit configuration for a service.\nTh e configuration determines which permission types are logged, and what\nidentiti es, if any, are exempted from logging.\nAn AuditConfig must have one or more Aud itLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_t ypes\nspecified in each AuditConfig are enabled, and the exempted_members in eac h\nAuditConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n {\n \"audit_configs\": [\n {\n \"service\": \"allServices \"\n \"audit_log_configs\": [\n {\n \"log_type\ ": \"DATA_READ\",\n \"exempted_members\": [\n \"user :foo@gmail.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n },\n {\n \"lo g_type\": \"ADMIN_READ\",\n }\n ]\n },\n {\n \"service\": \"fooservice.googleapis.com\"\n \"audit_log_config s\": [\n {\n \"log_type\": \"DATA_READ\",\n } ,\n {\n \"log_type\": \"DATA_WRITE\",\n \"e xempted_members\": [\n \"user:bar@gmail.com\"\n ]\n }\n ]\n }\n ]\n }\n\nFor fooservice, this pol icy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts foo@g mail.com from DATA_READ logging, and\nbar@gmail.com from DATA_WRITE logging.",
1802 "id": "AuditConfig",
1803 "properties": {
1804 "service": {
1805 "description": "Specifies a service that will be enabled for audit logging.\nFor example, `storage.googleapis.com`, `cloudsql.googleapis.com `.\n`allServices` is a special value that covers all services.",
1806 "type": "string"
1807 },
1808 "auditLogConfigs": {
1809 "description": "The configuration for logging of each type o f permission.\nNext ID: 4",
1810 "items": {
1811 "$ref": "AuditLogConfig"
1812 },
1813 "type": "array"
1814 }
1815 },
1816 "type": "object"
1817 },
1818 "Status": {
1819 "description": "The `Status` type defines a logical error model that is suitable for different\nprogramming environments, including REST APIs and RP C APIs. It is used by\n[gRPC](https://github.com/grpc). The error model is desig ned to be:\n\n- Simple to use and understand for most users\n- Flexible enough t o meet unexpected needs\n\n# Overview\n\nThe `Status` message contains three pie ces of data: error code, error message,\nand error details. The error code shoul d be an enum value of\ngoogle.rpc.Code, but it may accept additional error codes if needed. The\nerror message should be a developer-facing English message tha t helps\ndevelopers *understand* and *resolve* the error. If a localized user-fa cing\nerror message is needed, put the localized message in the error details or \nlocalize it in the client. The optional error details may contain arbitrary\ni nformation about the error. There is a predefined set of error detail types\nin the package `google.rpc` that can be used for common error conditions.\n\n# Lang uage mapping\n\nThe `Status` message is the logical representation of the error model, but it\nis not necessarily the actual wire format. When the `Status` mess age is\nexposed in different client libraries and different wire protocols, it c an be\nmapped differently. For example, it will likely be mapped to some excepti ons\nin Java, but more likely mapped to some error codes in C.\n\n# Other uses\n \nThe error model and the `Status` message can be used in a variety of\nenvironm ents, either with or without APIs, to provide a\nconsistent developer experience across different environments.\n\nExample uses of this error model include:\n\n - Partial errors. If a service needs to return partial errors to the client,\n it may embed the `Status` in the normal response to indicate the partial\n errors.\n\n- Workflow errors. A typical workflow has multiple steps. Each step m ay\n have a `Status` message for error reporting.\n\n- Batch operations. If a client uses batch request and batch response, the\n `Status` message should be used directly inside batch response, one for\n each error sub-response.\n\ n- Asynchronous operations. If an API call embeds asynchronous operation\n re sults in its response, the status of those operations should be\n represented directly using the `Status` message.\n\n- Logging. If some API errors are store d in logs, the message `Status` could\n be used directly after any stripping needed for security/privacy reasons.",
1820 "id": "Status",
1821 "properties": {
1822 "code": {
1823 "description": "The status code, which should be an enum val ue of google.rpc.Code.",
1824 "format": "int32",
1825 "type": "integer"
1826 },
1827 "message": {
1828 "description": "A developer-facing error message, which shou ld be in English. Any\nuser-facing error message should be localized and sent in the\ngoogle.rpc.Status.details field, or localized by the client.",
1829 "type": "string"
1830 },
1831 "details": {
1832 "description": "A list of messages that carry the error deta ils. There is a common set of\nmessage types for APIs to use.",
1833 "items": {
1834 "additionalProperties": {
1835 "description": "Properties of the object. Contains f ield @type with type URL.",
1836 "type": "any"
1837 },
1838 "type": "object"
1839 },
1840 "type": "array"
1841 }
1842 },
1843 "type": "object"
1844 },
1845 "ListLiensResponse": {
1846 "description": "The response message for Liens.ListLiens.",
1847 "id": "ListLiensResponse",
1848 "properties": {
1849 "nextPageToken": {
1850 "description": "Token to retrieve the next page of results, or empty if there are no more\nresults in the list.",
1851 "type": "string"
1852 },
1853 "liens": {
1854 "description": "A list of Liens.",
1855 "items": {
1856 "$ref": "Lien"
1857 },
1858 "type": "array"
1859 }
1860 },
1861 "type": "object"
1862 },
1863 "Constraint": {
1864 "description": "A `Constraint` describes a way in which a resource's configuration can be\nrestricted. For example, it controls which cloud services can be activated\nacross an organization, or whether a Compute Engine instance can have\nserial port connections established. `Constraints` can be configured b y the\norganization's policy adminstrator to fit the needs of the organzation by \nsetting Policies for `Constraints` at different locations in the\norganization 's resource hierarchy. Policies are inherited down the resource\nhierarchy from higher levels, but can also be overridden. For details about\nthe inheritance ru les please read about\nPolicies.\n\n`Constraints` have a default behavior determ ined by the `constraint_default`\nfield, which is the enforcement behavior that is used in the absence of a\n`Policy` being defined or inherited for the resourc e in question.",
1865 "id": "Constraint",
1866 "properties": {
1867 "listConstraint": {
1868 "$ref": "ListConstraint",
1869 "description": "Defines this constraint as being a ListConst raint."
1870 },
1871 "version": {
1872 "description": "Version of the `Constraint`. Default version is 0;",
1873 "format": "int32",
1874 "type": "integer"
1875 },
1876 "displayName": {
1877 "description": "The human readable name.\n\nMutable.",
1878 "type": "string"
1879 },
1880 "description": {
1881 "description": "Detailed description of what this `Constrain t` controls as well as how and\nwhere it is enforced.\n\nMutable.",
1882 "type": "string"
1883 },
1884 "booleanConstraint": {
1885 "$ref": "BooleanConstraint",
1886 "description": "Defines this constraint as being a BooleanCo nstraint."
1887 },
1888 "constraintDefault": {
1889 "description": "The evaluation behavior of this constraint i n the absense of 'Policy'.",
1890 "enum": [
1891 "CONSTRAINT_DEFAULT_UNSPECIFIED",
1892 "ALLOW",
1893 "DENY"
1894 ],
1895 "enumDescriptions": [
1896 "This is only used for distinguishing unset values and s hould never be\nused.",
1897 "Indicate that all values are allowed for list constrain ts.\nIndicate that enforcement is off for boolean constraints.",
1898 "Indicate that all values are denied for list constraint s.\nIndicate that enforcement is on for boolean constraints."
1899 ],
1900 "type": "string"
1901 },
1902 "name": {
1903 "description": "Immutable value, required to globally be uni que. For example,\n`constraints/serviceuser.services`",
1904 "type": "string"
1905 }
1906 },
1907 "type": "object"
1908 },
1909 "Binding": {
1910 "description": "Associates `members` with a `role`.",
1911 "id": "Binding",
1912 "properties": {
1913 "members": {
1914 "description": "Specifies the identities requesting access f or a Cloud Platform resource.\n`members` can have the following values:\n\n* `al lUsers`: A special identifier that represents anyone who is\n on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special ident ifier that represents anyone\n who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a spec ific Google\n account. For example, `alice@gmail.com` or `joe@example.com`.\n\ n\n* `serviceAccount:{emailid}`: An email address that represents a service\n account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{e mailid}`: An email address that represents a Google group.\n For example, `adm ins@example.com`.\n\n\n* `domain:{domain}`: A Google Apps domain name that repre sents all the\n users of that domain. For example, `google.com` or `example.co m`.\n\n",
1915 "items": {
1916 "type": "string"
1917 },
1918 "type": "array"
1919 },
1920 "role": {
1921 "description": "Role that is assigned to `members`.\nFor exa mple, `roles/viewer`, `roles/editor`, or `roles/owner`.\nRequired",
1922 "type": "string"
1923 }
1924 },
1925 "type": "object"
1926 },
1927 "RestoreDefault": {
1928 "description": "Ignores policies set above this resource and restore s the\n`constraint_default` enforcement behavior of the specific `Constraint` at \nthis resource.\n\nSuppose that `constraint_default` is set to `ALLOW` for the\ n`Constraint` `constraints/serviceuser.services`. Suppose that organization\nfoo .com sets a `Policy` at their Organization resource node that restricts\nthe all owed service activations to deny all service activations. They\ncould then set a `Policy` with the `policy_type` `restore_default` on\nseveral experimental proj ects, restoring the `constraint_default`\nenforcement of the `Constraint` for on ly those projects, allowing those\nprojects to have all services activated.",
1929 "id": "RestoreDefault",
1930 "properties": {},
1931 "type": "object"
1932 },
1933 "GetOrgPolicyRequest": {
1934 "description": "The request sent to the GetOrgPolicy method.",
1935 "id": "GetOrgPolicyRequest",
1936 "properties": {
1937 "constraint": {
1938 "description": "Name of the `Constraint` to get the `Policy` .",
1939 "type": "string"
1940 }
1941 },
1942 "type": "object"
1943 },
1944 "UndeleteProjectRequest": {
1945 "description": "The request sent to the UndeleteProject\nmethod.",
1946 "id": "UndeleteProjectRequest",
1947 "properties": {},
1948 "type": "object"
1949 },
1950 "ClearOrgPolicyRequest": {
1951 "description": "The request sent to the ClearOrgPolicy method.",
1952 "id": "ClearOrgPolicyRequest",
1953 "properties": {
1954 "etag": {
1955 "description": "The current version, for concurrency control . Not sending an `etag`\nwill cause the `Policy` to be cleared blindly.",
1956 "format": "byte",
1957 "type": "string"
1958 },
1959 "constraint": {
1960 "description": "Name of the `Constraint` of the `Policy` to clear.",
1961 "type": "string"
1962 }
1963 },
1964 "type": "object" 1964 "type": "object"
1965 } 1965 }
1966 }, 1966 },
1967 "servicePath": "", 1967 "servicePath": "",
1968 "title": "Google Cloud Resource Manager API", 1968 "title": "Google Cloud Resource Manager API",
1969 "version": "v1" 1969 "version": "v1"
1970 } 1970 }
OLDNEW
« no previous file with comments | « discovery/googleapis/cloudkms__v1.json ('k') | discovery/googleapis/cloudresourcemanager__v2beta1.json » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698