From b46f3480cca801a58da10cb5891430696ea318c6 Mon Sep 17 00:00:00 2001 From: Yoshi Automation Bot Date: Fri, 13 Dec 2024 06:34:02 -0800 Subject: [PATCH] feat(all): auto-regenerate discovery clients (#2916) --- admin/directory/v1/admin-api.json | 4 +- admin/directory/v1/admin-gen.go | 34 +- .../v1/blockchainnodeengine-api.json | 4 +- .../v1/blockchainnodeengine-gen.go | 2 +- chat/v1/chat-api.json | 78 +- chat/v1/chat-gen.go | 122 +- chromemanagement/v1/chromemanagement-api.json | 98 +- chromemanagement/v1/chromemanagement-gen.go | 48 +- classroom/v1/classroom-api.json | 154 +-- classroom/v1/classroom-gen.go | 9 - cloudfunctions/v2/cloudfunctions-api.json | 8 +- cloudfunctions/v2/cloudfunctions-gen.go | 1 + .../v2alpha/cloudfunctions-api.json | 8 +- cloudfunctions/v2alpha/cloudfunctions-gen.go | 1 + cloudfunctions/v2beta/cloudfunctions-api.json | 8 +- cloudfunctions/v2beta/cloudfunctions-gen.go | 1 + cloudidentity/v1beta1/cloudidentity-api.json | 19 +- cloudidentity/v1beta1/cloudidentity-gen.go | 8 - datastore/v1/datastore-api.json | 4 +- datastore/v1/datastore-gen.go | 2 +- firestore/v1/firestore-api.json | 4 +- firestore/v1/firestore-gen.go | 2 +- go.work.sum | 1 + healthcare/v1/healthcare-api.json | 542 +++++++- healthcare/v1/healthcare-gen.go | 1141 ++++++++++++++++- healthcare/v1beta1/healthcare-api.json | 27 +- healthcare/v1beta1/healthcare-gen.go | 53 +- .../products_v1beta/merchantapi-api.json | 4 +- .../products_v1beta/merchantapi-gen.go | 3 +- oslogin/v1alpha/oslogin-api.json | 4 +- oslogin/v1alpha/oslogin-gen.go | 7 +- parallelstore/v1/parallelstore-api.json | 4 +- parallelstore/v1/parallelstore-gen.go | 2 +- parallelstore/v1beta/parallelstore-api.json | 4 +- parallelstore/v1beta/parallelstore-gen.go | 2 +- .../v1/recaptchaenterprise-api.json | 6 +- .../v1/recaptchaenterprise-gen.go | 10 +- secretmanager/v1beta1/secretmanager-api.json | 4 +- secretmanager/v1beta1/secretmanager-gen.go | 2 +- sqladmin/v1/sqladmin-api.json | 76 +- sqladmin/v1/sqladmin-gen.go | 109 +- sqladmin/v1beta4/sqladmin-api.json | 76 +- sqladmin/v1beta4/sqladmin-gen.go | 111 +- 43 files changed, 2451 insertions(+), 356 deletions(-) diff --git a/admin/directory/v1/admin-api.json b/admin/directory/v1/admin-api.json index 5c3159f4883..20b8b846707 100644 --- a/admin/directory/v1/admin-api.json +++ b/admin/directory/v1/admin-api.json @@ -4671,7 +4671,7 @@ } } }, - "revision": "20241126", + "revision": "20241210", "rootUrl": "https://admin.googleapis.com/", "schemas": { "Alias": { @@ -7494,7 +7494,7 @@ "type": "string" }, "condition": { - "description": "Optional. Note: Feature is available to Enterprise Standard, Enterprise Plus, Google Workspace for Education Plus and Cloud Identity Premium customers. No additional setup is needed to use the feature. The condition associated with this role assignment. A `RoleAssignment` with the `condition` field set will only take effect when the resource being accessed meets the condition. If `condition` is empty, the role (`role_id`) is applied to the actor (`assigned_to`) at the scope (`scope_type`) unconditionally. Currently, only two conditions are supported: - To make the `RoleAssignment` only applicable to [Security Groups](https://cloud.google.com/identity/docs/groups#group_types): `api.getAttribute('cloudidentity.googleapis.com/groups.labels', []).hasAny(['groups.security']) \u0026\u0026 resource.type == 'cloudidentity.googleapis.com/Group'` - To make the `RoleAssignment` not applicable to [Security Groups](https://cloud.google.com/identity/docs/groups#group_types): `!api.getAttribute('cloudidentity.googleapis.com/groups.labels', []).hasAny(['groups.security']) \u0026\u0026 resource.type == 'cloudidentity.googleapis.com/Group'` Currently, the two condition strings have to be verbatim and they only work with the following [pre-built administrator roles](https://support.google.com/a/answer/2405986): - Groups Editor - Groups Reader The condition follows [Cloud IAM condition syntax](https://cloud.google.com/iam/docs/conditions-overview).", + "description": "Optional. The condition associated with this role assignment. Note: Feature is available to Enterprise Standard, Enterprise Plus, Google Workspace for Education Plus and Cloud Identity Premium customers. A `RoleAssignment` with the `condition` field set will only take effect when the resource being accessed meets the condition. If `condition` is empty, the role (`role_id`) is applied to the actor (`assigned_to`) at the scope (`scope_type`) unconditionally. Currently, the following conditions are supported: - To make the `RoleAssignment` only applicable to [Security Groups](https://cloud.google.com/identity/docs/groups#group_types): `api.getAttribute('cloudidentity.googleapis.com/groups.labels', []).hasAny(['groups.security']) \u0026\u0026 resource.type == 'cloudidentity.googleapis.com/Group'` - To make the `RoleAssignment` not applicable to [Security Groups](https://cloud.google.com/identity/docs/groups#group_types): `!api.getAttribute('cloudidentity.googleapis.com/groups.labels', []).hasAny(['groups.security']) \u0026\u0026 resource.type == 'cloudidentity.googleapis.com/Group'` Currently, the condition strings have to be verbatim and they only work with the following [pre-built administrator roles](https://support.google.com/a/answer/2405986): - Groups Editor - Groups Reader The condition follows [Cloud IAM condition syntax](https://cloud.google.com/iam/docs/conditions-overview). Additional conditions related to Locked Groups are available under Open Beta. - To make the `RoleAssignment` not applicable to [Locked Groups](https://cloud.google.com/identity/docs/groups#group_types): `!api.getAttribute('cloudidentity.googleapis.com/groups.labels', []).hasAny(['groups.locked']) \u0026\u0026 resource.type == 'cloudidentity.googleapis.com/Group'` This condition can also be used in conjunction with a Security-related condition.", "type": "string" }, "etag": { diff --git a/admin/directory/v1/admin-gen.go b/admin/directory/v1/admin-gen.go index aba0cfdf267..c31d5ad27c9 100644 --- a/admin/directory/v1/admin-gen.go +++ b/admin/directory/v1/admin-gen.go @@ -4014,15 +4014,14 @@ type RoleAssignment struct { // "user" - An individual user within the domain. // "group" - A group within the domain. AssigneeType string `json:"assigneeType,omitempty"` - // Condition: Optional. Note: Feature is available to Enterprise Standard, - // Enterprise Plus, Google Workspace for Education Plus and Cloud Identity - // Premium customers. No additional setup is needed to use the feature. The - // condition associated with this role assignment. A `RoleAssignment` with the - // `condition` field set will only take effect when the resource being accessed - // meets the condition. If `condition` is empty, the role (`role_id`) is - // applied to the actor (`assigned_to`) at the scope (`scope_type`) - // unconditionally. Currently, only two conditions are supported: - To make the - // `RoleAssignment` only applicable to Security Groups + // Condition: Optional. The condition associated with this role assignment. + // Note: Feature is available to Enterprise Standard, Enterprise Plus, Google + // Workspace for Education Plus and Cloud Identity Premium customers. A + // `RoleAssignment` with the `condition` field set will only take effect when + // the resource being accessed meets the condition. If `condition` is empty, + // the role (`role_id`) is applied to the actor (`assigned_to`) at the scope + // (`scope_type`) unconditionally. Currently, the following conditions are + // supported: - To make the `RoleAssignment` only applicable to Security Groups // (https://cloud.google.com/identity/docs/groups#group_types): // `api.getAttribute('cloudidentity.googleapis.com/groups.labels', // []).hasAny(['groups.security']) && resource.type == @@ -4031,11 +4030,18 @@ type RoleAssignment struct { // (https://cloud.google.com/identity/docs/groups#group_types): // `!api.getAttribute('cloudidentity.googleapis.com/groups.labels', // []).hasAny(['groups.security']) && resource.type == - // 'cloudidentity.googleapis.com/Group'` Currently, the two condition strings - // have to be verbatim and they only work with the following pre-built - // administrator roles (https://support.google.com/a/answer/2405986): - Groups - // Editor - Groups Reader The condition follows Cloud IAM condition syntax - // (https://cloud.google.com/iam/docs/conditions-overview). + // 'cloudidentity.googleapis.com/Group'` Currently, the condition strings have + // to be verbatim and they only work with the following pre-built administrator + // roles (https://support.google.com/a/answer/2405986): - Groups Editor - + // Groups Reader The condition follows Cloud IAM condition syntax + // (https://cloud.google.com/iam/docs/conditions-overview). Additional + // conditions related to Locked Groups are available under Open Beta. - To make + // the `RoleAssignment` not applicable to Locked Groups + // (https://cloud.google.com/identity/docs/groups#group_types): + // `!api.getAttribute('cloudidentity.googleapis.com/groups.labels', + // []).hasAny(['groups.locked']) && resource.type == + // 'cloudidentity.googleapis.com/Group'` This condition can also be used in + // conjunction with a Security-related condition. Condition string `json:"condition,omitempty"` // Etag: ETag of the resource. Etag string `json:"etag,omitempty"` diff --git a/blockchainnodeengine/v1/blockchainnodeengine-api.json b/blockchainnodeengine/v1/blockchainnodeengine-api.json index c512776645c..ff9c0e74805 100644 --- a/blockchainnodeengine/v1/blockchainnodeengine-api.json +++ b/blockchainnodeengine/v1/blockchainnodeengine-api.json @@ -362,7 +362,7 @@ "operations": { "methods": { "cancel": { - "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel", "httpMethod": "POST", "id": "blockchainnodeengine.projects.locations.operations.cancel", @@ -487,7 +487,7 @@ } } }, - "revision": "20240504", + "revision": "20241204", "rootUrl": "https://blockchainnodeengine.googleapis.com/", "schemas": { "BlockchainNode": { diff --git a/blockchainnodeengine/v1/blockchainnodeengine-gen.go b/blockchainnodeengine/v1/blockchainnodeengine-gen.go index a233ddd2e9d..a2831264db1 100644 --- a/blockchainnodeengine/v1/blockchainnodeengine-gen.go +++ b/blockchainnodeengine/v1/blockchainnodeengine-gen.go @@ -1673,7 +1673,7 @@ type ProjectsLocationsOperationsCancelCall struct { // other methods to check whether the cancellation succeeded or whether the // operation completed despite cancellation. On successful cancellation, the // operation is not deleted; instead, it becomes an operation with an -// Operation.error value with a google.rpc.Status.code of 1, corresponding to +// Operation.error value with a google.rpc.Status.code of `1`, corresponding to // `Code.CANCELLED`. // // - name: The name of the operation resource to be cancelled. diff --git a/chat/v1/chat-api.json b/chat/v1/chat-api.json index 094d4e4a854..6e14f4eaedc 100644 --- a/chat/v1/chat-api.json +++ b/chat/v1/chat-api.json @@ -48,22 +48,22 @@ "description": "View members in Google Chat conversations." }, "https://www.googleapis.com/auth/chat.messages": { - "description": "See, compose, send, update, and delete messages and their associated attachments, and add, see, and delete reactions to messages." + "description": "See, compose, send, update, and delete messages as well as their message content; add, see, and delete reactions to messages." }, "https://www.googleapis.com/auth/chat.messages.create": { "description": "Compose and send messages in Google Chat" }, "https://www.googleapis.com/auth/chat.messages.reactions": { - "description": "See, add, and delete reactions to messages in Google Chat" + "description": "See, add, and delete reactions as well as their reaction content to messages in Google Chat" }, "https://www.googleapis.com/auth/chat.messages.reactions.create": { "description": "Add reactions to messages in Google Chat" }, "https://www.googleapis.com/auth/chat.messages.reactions.readonly": { - "description": "View reactions to messages in Google Chat" + "description": "View reactions as well as their reaction content to messages in Google Chat" }, "https://www.googleapis.com/auth/chat.messages.readonly": { - "description": "See messages and their associated reactions and attachments in Google Chat" + "description": "See messages as well as their reactions and message content in Google Chat" }, "https://www.googleapis.com/auth/chat.spaces": { "description": "Create conversations and spaces and see or update metadata (including history settings and access settings) in Google Chat" @@ -1344,7 +1344,7 @@ } } }, - "revision": "20241203", + "revision": "20241208", "rootUrl": "https://chat.googleapis.com/", "schemas": { "AccessSettings": { @@ -2320,7 +2320,7 @@ "type": "object" }, "GoogleAppsCardV1Card": { - "description": "A card interface displayed in a Google Chat message or Google Workspace Add-on. Cards support a defined layout, interactive UI elements like buttons, and rich media like images. Use cards to present detailed information, gather information from users, and guide users to take a next step. [Card builder](https://addons.gsuite.google.com/uikit/builder) To learn how to build cards, see the following documentation: * For Google Chat apps, see [Design the components of a card or dialog](https://developers.google.com/workspace/chat/design-components-card-dialog). * For Google Workspace Add-ons, see [Card-based interfaces](https://developers.google.com/apps-script/add-ons/concepts/cards). **Example: Card message for a Google Chat app** ![Example contact card](https://developers.google.com/workspace/chat/images/card_api_reference.png) To create the sample card message in Google Chat, use the following JSON: ``` { \"cardsV2\": [ { \"cardId\": \"unique-card-id\", \"card\": { \"header\": { \"title\": \"Sasha\", \"subtitle\": \"Software Engineer\", \"imageUrl\": \"https://developers.google.com/workspace/chat/images/quickstart-app-avatar.png\", \"imageType\": \"CIRCLE\", \"imageAltText\": \"Avatar for Sasha\" }, \"sections\": [ { \"header\": \"Contact Info\", \"collapsible\": true, \"uncollapsibleWidgetsCount\": 1, \"widgets\": [ { \"decoratedText\": { \"startIcon\": { \"knownIcon\": \"EMAIL\" }, \"text\": \"sasha@example.com\" } }, { \"decoratedText\": { \"startIcon\": { \"knownIcon\": \"PERSON\" }, \"text\": \"Online\" } }, { \"decoratedText\": { \"startIcon\": { \"knownIcon\": \"PHONE\" }, \"text\": \"+1 (555) 555-1234\" } }, { \"buttonList\": { \"buttons\": [ { \"text\": \"Share\", \"onClick\": { \"openLink\": { \"url\": \"https://example.com/share\" } } }, { \"text\": \"Edit\", \"onClick\": { \"action\": { \"function\": \"goToView\", \"parameters\": [ { \"key\": \"viewType\", \"value\": \"EDIT\" } ] } } } ] } } ] } ] } } ] } ```", + "description": "A card interface displayed in a Google Chat message or Google Workspace Add-on. Cards support a defined layout, interactive UI elements like buttons, and rich media like images. Use cards to present detailed information, gather information from users, and guide users to take a next step. [Card builder](https://addons.gsuite.google.com/uikit/builder) To learn how to build cards, see the following documentation: * For Google Chat apps, see [Design the components of a card or dialog](https://developers.google.com/workspace/chat/design-components-card-dialog). * For Google Workspace Add-ons, see [Card-based interfaces](https://developers.google.com/apps-script/add-ons/concepts/cards). Note: You can add up to 100 widgets per card. Any widgets beyond this limit are ignored. This limit applies to both card messages and dialogs in Google Chat apps, and to cards in Google Workspace Add-ons. **Example: Card message for a Google Chat app** ![Example contact card](https://developers.google.com/workspace/chat/images/card_api_reference.png) To create the sample card message in Google Chat, use the following JSON: ``` { \"cardsV2\": [ { \"cardId\": \"unique-card-id\", \"card\": { \"header\": { \"title\": \"Sasha\", \"subtitle\": \"Software Engineer\", \"imageUrl\": \"https://developers.google.com/workspace/chat/images/quickstart-app-avatar.png\", \"imageType\": \"CIRCLE\", \"imageAltText\": \"Avatar for Sasha\" }, \"sections\": [ { \"header\": \"Contact Info\", \"collapsible\": true, \"uncollapsibleWidgetsCount\": 1, \"widgets\": [ { \"decoratedText\": { \"startIcon\": { \"knownIcon\": \"EMAIL\" }, \"text\": \"sasha@example.com\" } }, { \"decoratedText\": { \"startIcon\": { \"knownIcon\": \"PERSON\" }, \"text\": \"Online\" } }, { \"decoratedText\": { \"startIcon\": { \"knownIcon\": \"PHONE\" }, \"text\": \"+1 (555) 555-1234\" } }, { \"buttonList\": { \"buttons\": [ { \"text\": \"Share\", \"onClick\": { \"openLink\": { \"url\": \"https://example.com/share\" } } }, { \"text\": \"Edit\", \"onClick\": { \"action\": { \"function\": \"goToView\", \"parameters\": [ { \"key\": \"viewType\", \"value\": \"EDIT\" } ] } } } ] } } ] } ] } } ] } ```", "id": "GoogleAppsCardV1Card", "properties": { "cardActions": { @@ -2449,6 +2449,41 @@ }, "type": "object" }, + "GoogleAppsCardV1Carousel": { + "description": "[Developer Preview](https://developers.google.com/workspace/preview): A carousel, also known as a slider, rotates and displays a list of widgets in a slideshow format, with buttons navigating to the previous or next widget. For example, this is a JSON representation of a carousel that contains three text paragraph widgets. ``` { \"carouselCards\": [ { \"widgets\": [ { \"textParagraph\": { \"text\": \"First text paragraph in carousel\", } } ] }, { \"widgets\": [ { \"textParagraph\": { \"text\": \"Second text paragraph in carousel\", } } ] }, { \"widgets\": [ { \"textParagraph\": { \"text\": \"Third text paragraph in carousel\", } } ] } ] } ``` [Google Chat apps](https://developers.google.com/workspace/chat):", + "id": "GoogleAppsCardV1Carousel", + "properties": { + "carouselCards": { + "description": "A list of cards included in the carousel.", + "items": { + "$ref": "GoogleAppsCardV1CarouselCard" + }, + "type": "array" + } + }, + "type": "object" + }, + "GoogleAppsCardV1CarouselCard": { + "description": "[Developer Preview](https://developers.google.com/workspace/preview): A card that can be displayed as a carousel item. [Google Chat apps](https://developers.google.com/workspace/chat):", + "id": "GoogleAppsCardV1CarouselCard", + "properties": { + "footerWidgets": { + "description": "A list of widgets displayed at the bottom of the carousel card. The widgets are displayed in the order that they are specified.", + "items": { + "$ref": "GoogleAppsCardV1NestedWidget" + }, + "type": "array" + }, + "widgets": { + "description": "A list of widgets displayed in the carousel card. The widgets are displayed in the order that they are specified.", + "items": { + "$ref": "GoogleAppsCardV1NestedWidget" + }, + "type": "array" + } + }, + "type": "object" + }, "GoogleAppsCardV1Chip": { "description": "A text, icon, or text and icon chip that users can click. [Google Chat apps](https://developers.google.com/workspace/chat):", "id": "GoogleAppsCardV1Chip", @@ -2911,6 +2946,25 @@ }, "type": "object" }, + "GoogleAppsCardV1NestedWidget": { + "description": "[Developer Preview](https://developers.google.com/workspace/preview): A list of widgets that can be displayed in a containing layout, such as a `CarouselCard`. [Google Chat apps](https://developers.google.com/workspace/chat):", + "id": "GoogleAppsCardV1NestedWidget", + "properties": { + "buttonList": { + "$ref": "GoogleAppsCardV1ButtonList", + "description": "A button list widget." + }, + "image": { + "$ref": "GoogleAppsCardV1Image", + "description": "An image widget." + }, + "textParagraph": { + "$ref": "GoogleAppsCardV1TextParagraph", + "description": "A text paragraph widget." + } + }, + "type": "object" + }, "GoogleAppsCardV1OnClick": { "description": "Represents how to respond when users click an interactive element on a card, such as a button. [Google Workspace Add-ons and Chat apps](https://developers.google.com/workspace/extend):", "id": "GoogleAppsCardV1OnClick", @@ -3290,6 +3344,10 @@ "$ref": "GoogleAppsCardV1ButtonList", "description": "A list of buttons. For example, the following JSON creates two buttons. The first is a blue text button and the second is an image button that opens a link: ``` \"buttonList\": { \"buttons\": [ { \"text\": \"Edit\", \"color\": { \"red\": 0, \"green\": 0, \"blue\": 1, }, \"disabled\": true, }, { \"icon\": { \"knownIcon\": \"INVITE\", \"altText\": \"check calendar\" }, \"onClick\": { \"openLink\": { \"url\": \"https://example.com/calendar\" } } } ] } ```" }, + "carousel": { + "$ref": "GoogleAppsCardV1Carousel", + "description": "A carousel contains a collection of nested widgets. For example, this is a JSON representation of a carousel that contains two text paragraphs. ``` { \"widgets\": [ { \"textParagraph\": { \"text\": \"First text paragraph in the carousel.\" } }, { \"textParagraph\": { \"text\": \"Second text paragraph in the carousel.\" } } ] } ```" + }, "chipList": { "$ref": "GoogleAppsCardV1ChipList", "description": "A list of chips. For example, the following JSON creates two chips. The first is a text chip and the second is an icon chip that opens a link: ``` \"chipList\": { \"chips\": [ { \"text\": \"Edit\", \"disabled\": true, }, { \"icon\": { \"knownIcon\": \"INVITE\", \"altText\": \"check calendar\" }, \"onClick\": { \"openLink\": { \"url\": \"https://example.com/calendar\" } } } ] } ``` [Google Chat apps](https://developers.google.com/workspace/chat):" @@ -4401,7 +4459,7 @@ "id": "SetUpSpaceRequest", "properties": { "memberships": { - "description": "Optional. The Google Chat users or groups to invite to join the space. Omit the calling user, as they are added automatically. The set currently allows up to 20 memberships (in addition to the caller). For human membership, the `Membership.member` field must contain a `user` with `name` populated (format: `users/{user}`) and `type` set to `User.Type.HUMAN`. You can only add human users when setting up a space (adding Chat apps is only supported for direct message setup with the calling app). You can also add members using the user's email as an alias for {user}. For example, the `user.name` can be `users/example@gmail.com`. To invite Gmail users or users from external Google Workspace domains, user's email must be used for `{user}`. For Google group membership, the `Membership.group_member` field must contain a `group` with `name` populated (format `groups/{group}`). You can only add Google groups when setting `Space.spaceType` to `SPACE`. Optional when setting `Space.spaceType` to `SPACE`. Required when setting `Space.spaceType` to `GROUP_CHAT`, along with at least two memberships. Required when setting `Space.spaceType` to `DIRECT_MESSAGE` with a human user, along with exactly one membership. Must be empty when creating a 1:1 conversation between a human and the calling Chat app (when setting `Space.spaceType` to `DIRECT_MESSAGE` and `Space.singleUserBotDm` to `true`).", + "description": "Optional. The Google Chat users or groups to invite to join the space. Omit the calling user, as they are added automatically. The set currently allows up to 49 memberships (in addition to the caller). For human membership, the `Membership.member` field must contain a `user` with `name` populated (format: `users/{user}`) and `type` set to `User.Type.HUMAN`. You can only add human users when setting up a space (adding Chat apps is only supported for direct message setup with the calling app). You can also add members using the user's email as an alias for {user}. For example, the `user.name` can be `users/example@gmail.com`. To invite Gmail users or users from external Google Workspace domains, user's email must be used for `{user}`. For Google group membership, the `Membership.group_member` field must contain a `group` with `name` populated (format `groups/{group}`). You can only add Google groups when setting `Space.spaceType` to `SPACE`. Optional when setting `Space.spaceType` to `SPACE`. Required when setting `Space.spaceType` to `GROUP_CHAT`, along with at least two memberships. Required when setting `Space.spaceType` to `DIRECT_MESSAGE` with a human user, along with exactly one membership. Must be empty when creating a 1:1 conversation between a human and the calling Chat app (when setting `Space.spaceType` to `DIRECT_MESSAGE` and `Space.singleUserBotDm` to `true`).", "items": { "$ref": "Membership" }, @@ -4498,6 +4556,12 @@ "description": "Optional. Whether this space is created in `Import Mode` as part of a data migration into Google Workspace. While spaces are being imported, they aren't visible to users until the import is complete. Creating a space in `Import Mode`requires [user authentication](https://developers.google.com/workspace/chat/authenticate-authorize-chat-user).", "type": "boolean" }, + "importModeExpireTime": { + "description": "Output only. The time when the space will be automatically deleted by the system if it remains in import mode. Each space created in import mode must exit this mode before this expire time using `spaces.completeImport`. This field is only populated for spaces that were created with import mode.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, "lastActiveTime": { "description": "Output only. Timestamp of the last message in the space.", "format": "google-datetime", diff --git a/chat/v1/chat-gen.go b/chat/v1/chat-gen.go index bcb9693f1c1..01cbfa3f83b 100644 --- a/chat/v1/chat-gen.go +++ b/chat/v1/chat-gen.go @@ -155,23 +155,24 @@ const ( // View members in Google Chat conversations. ChatMembershipsReadonlyScope = "https://www.googleapis.com/auth/chat.memberships.readonly" - // See, compose, send, update, and delete messages and their associated - // attachments, and add, see, and delete reactions to messages. + // See, compose, send, update, and delete messages as well as their message + // content; add, see, and delete reactions to messages. ChatMessagesScope = "https://www.googleapis.com/auth/chat.messages" // Compose and send messages in Google Chat ChatMessagesCreateScope = "https://www.googleapis.com/auth/chat.messages.create" - // See, add, and delete reactions to messages in Google Chat + // See, add, and delete reactions as well as their reaction content to messages + // in Google Chat ChatMessagesReactionsScope = "https://www.googleapis.com/auth/chat.messages.reactions" // Add reactions to messages in Google Chat ChatMessagesReactionsCreateScope = "https://www.googleapis.com/auth/chat.messages.reactions.create" - // View reactions to messages in Google Chat + // View reactions as well as their reaction content to messages in Google Chat ChatMessagesReactionsReadonlyScope = "https://www.googleapis.com/auth/chat.messages.reactions.readonly" - // See messages and their associated reactions and attachments in Google Chat + // See messages as well as their reactions and message content in Google Chat ChatMessagesReadonlyScope = "https://www.googleapis.com/auth/chat.messages.readonly" // Create conversations and spaces and see or update metadata (including @@ -1914,8 +1915,11 @@ func (s GoogleAppsCardV1ButtonList) MarshalJSON() ([]byte, error) { // Chat apps, see Design the components of a card or dialog // (https://developers.google.com/workspace/chat/design-components-card-dialog). // * For Google Workspace Add-ons, see Card-based interfaces -// (https://developers.google.com/apps-script/add-ons/concepts/cards). -// **Example: Card message for a Google Chat app** !Example contact card +// (https://developers.google.com/apps-script/add-ons/concepts/cards). Note: +// You can add up to 100 widgets per card. Any widgets beyond this limit are +// ignored. This limit applies to both card messages and dialogs in Google Chat +// apps, and to cards in Google Workspace Add-ons. **Example: Card message for +// a Google Chat app** !Example contact card // (https://developers.google.com/workspace/chat/images/card_api_reference.png) // To create the sample card message in Google Chat, use the following JSON: // ``` { "cardsV2": [ { "cardId": "unique-card-id", "card": { "header": { @@ -2118,6 +2122,67 @@ func (s GoogleAppsCardV1CardHeader) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// GoogleAppsCardV1Carousel: Developer Preview +// (https://developers.google.com/workspace/preview): A carousel, also known as +// a slider, rotates and displays a list of widgets in a slideshow format, with +// buttons navigating to the previous or next widget. For example, this is a +// JSON representation of a carousel that contains three text paragraph +// widgets. ``` { "carouselCards": [ { "widgets": [ { "textParagraph": { +// "text": "First text paragraph in carousel", } } ] }, { "widgets": [ { +// "textParagraph": { "text": "Second text paragraph in carousel", } } ] }, { +// "widgets": [ { "textParagraph": { "text": "Third text paragraph in +// carousel", } } ] } ] } ``` Google Chat apps +// (https://developers.google.com/workspace/chat): +type GoogleAppsCardV1Carousel struct { + // CarouselCards: A list of cards included in the carousel. + CarouselCards []*GoogleAppsCardV1CarouselCard `json:"carouselCards,omitempty"` + // ForceSendFields is a list of field names (e.g. "CarouselCards") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CarouselCards") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleAppsCardV1Carousel) MarshalJSON() ([]byte, error) { + type NoMethod GoogleAppsCardV1Carousel + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// GoogleAppsCardV1CarouselCard: Developer Preview +// (https://developers.google.com/workspace/preview): A card that can be +// displayed as a carousel item. Google Chat apps +// (https://developers.google.com/workspace/chat): +type GoogleAppsCardV1CarouselCard struct { + // FooterWidgets: A list of widgets displayed at the bottom of the carousel + // card. The widgets are displayed in the order that they are specified. + FooterWidgets []*GoogleAppsCardV1NestedWidget `json:"footerWidgets,omitempty"` + // Widgets: A list of widgets displayed in the carousel card. The widgets are + // displayed in the order that they are specified. + Widgets []*GoogleAppsCardV1NestedWidget `json:"widgets,omitempty"` + // ForceSendFields is a list of field names (e.g. "FooterWidgets") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "FooterWidgets") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleAppsCardV1CarouselCard) MarshalJSON() ([]byte, error) { + type NoMethod GoogleAppsCardV1CarouselCard + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // GoogleAppsCardV1Chip: A text, icon, or text and icon chip that users can // click. Google Chat apps (https://developers.google.com/workspace/chat): type GoogleAppsCardV1Chip struct { @@ -2776,6 +2841,35 @@ func (s GoogleAppsCardV1MaterialIcon) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// GoogleAppsCardV1NestedWidget: Developer Preview +// (https://developers.google.com/workspace/preview): A list of widgets that +// can be displayed in a containing layout, such as a `CarouselCard`. Google +// Chat apps (https://developers.google.com/workspace/chat): +type GoogleAppsCardV1NestedWidget struct { + // ButtonList: A button list widget. + ButtonList *GoogleAppsCardV1ButtonList `json:"buttonList,omitempty"` + // Image: An image widget. + Image *GoogleAppsCardV1Image `json:"image,omitempty"` + // TextParagraph: A text paragraph widget. + TextParagraph *GoogleAppsCardV1TextParagraph `json:"textParagraph,omitempty"` + // ForceSendFields is a list of field names (e.g. "ButtonList") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ButtonList") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleAppsCardV1NestedWidget) MarshalJSON() ([]byte, error) { + type NoMethod GoogleAppsCardV1NestedWidget + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // GoogleAppsCardV1OnClick: Represents how to respond when users click an // interactive element on a card, such as a button. Google Workspace Add-ons // and Chat apps (https://developers.google.com/workspace/extend): @@ -3375,6 +3469,12 @@ type GoogleAppsCardV1Widget struct { // "icon": { "knownIcon": "INVITE", "altText": "check calendar" }, "onClick": { // "openLink": { "url": "https://example.com/calendar" } } } ] } ``` ButtonList *GoogleAppsCardV1ButtonList `json:"buttonList,omitempty"` + // Carousel: A carousel contains a collection of nested widgets. For example, + // this is a JSON representation of a carousel that contains two text + // paragraphs. ``` { "widgets": [ { "textParagraph": { "text": "First text + // paragraph in the carousel." } }, { "textParagraph": { "text": "Second text + // paragraph in the carousel." } } ] } ``` + Carousel *GoogleAppsCardV1Carousel `json:"carousel,omitempty"` // ChipList: A list of chips. For example, the following JSON creates two // chips. The first is a text chip and the second is an icon chip that opens a // link: ``` "chipList": { "chips": [ { "text": "Edit", "disabled": true, }, { @@ -4934,7 +5034,7 @@ func (s SelectionItems) MarshalJSON() ([]byte, error) { type SetUpSpaceRequest struct { // Memberships: Optional. The Google Chat users or groups to invite to join the // space. Omit the calling user, as they are added automatically. The set - // currently allows up to 20 memberships (in addition to the caller). For human + // currently allows up to 49 memberships (in addition to the caller). For human // membership, the `Membership.member` field must contain a `user` with `name` // populated (format: `users/{user}`) and `type` set to `User.Type.HUMAN`. You // can only add human users when setting up a space (adding Chat apps is only @@ -5093,6 +5193,12 @@ type Space struct { // in `Import Mode`requires user authentication // (https://developers.google.com/workspace/chat/authenticate-authorize-chat-user). ImportMode bool `json:"importMode,omitempty"` + // ImportModeExpireTime: Output only. The time when the space will be + // automatically deleted by the system if it remains in import mode. Each space + // created in import mode must exit this mode before this expire time using + // `spaces.completeImport`. This field is only populated for spaces that were + // created with import mode. + ImportModeExpireTime string `json:"importModeExpireTime,omitempty"` // LastActiveTime: Output only. Timestamp of the last message in the space. LastActiveTime string `json:"lastActiveTime,omitempty"` // MembershipCount: Output only. The count of joined memberships grouped by diff --git a/chromemanagement/v1/chromemanagement-api.json b/chromemanagement/v1/chromemanagement-api.json index 2cc794a8eda..43104e77312 100644 --- a/chromemanagement/v1/chromemanagement-api.json +++ b/chromemanagement/v1/chromemanagement-api.json @@ -1263,7 +1263,7 @@ } } }, - "revision": "20241121", + "revision": "20241210", "rootUrl": "https://chromemanagement.googleapis.com/", "schemas": { "GoogleChromeManagementV1AndroidAppInfo": { @@ -1462,6 +1462,24 @@ "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION", "APPLICATION_TYPE_BRUSCHETTA" ], + "enumDeprecated": [ + false, + false, + false, + false, + false, + false, + false, + false, + true, + false, + false, + false, + true, + false, + true, + false + ], "enumDescriptions": [ "Application type unknown.", "Application type arc (Android app).", @@ -1471,13 +1489,13 @@ "Application type web.", "Application type Mac OS.", "Application type Plugin VM.", - "Application type standalone browser (Lacros browser app).", + "Deprecated. This vaule is no longer used. Application type standalone browser (Lacros browser app).", "Application type remote.", "Application type borealis.", "Application type system web.", - "Application type standalone browser chrome app (hosted in Lacros).", + "Deprecated. This vaule is no longer used. Application type standalone browser chrome app.", "Application type extension.", - "Application type standalone browser extension.", + "Deprecated. This vaule is no longer used. Application type standalone browser extension.", "Application type bruschetta." ], "type": "string" @@ -3793,6 +3811,24 @@ "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION", "APPLICATION_TYPE_BRUSCHETTA" ], + "enumDeprecated": [ + false, + false, + false, + false, + false, + false, + false, + false, + true, + false, + false, + false, + true, + false, + true, + false + ], "enumDescriptions": [ "Application type unknown.", "Application type arc (Android app).", @@ -3802,13 +3838,13 @@ "Application type web.", "Application type Mac OS.", "Application type Plugin VM.", - "Application type standalone browser (Lacros browser app).", + "Deprecated. This vaule is no longer used. Application type standalone browser (Lacros browser app).", "Application type remote.", "Application type borealis.", "Application type system web.", - "Application type standalone browser chrome app (hosted in Lacros).", + "Deprecated. This vaule is no longer used. Application type standalone browser chrome app.", "Application type extension.", - "Application type standalone browser extension.", + "Deprecated. This vaule is no longer used. Application type standalone browser extension.", "Application type bruschetta." ], "type": "string" @@ -3940,6 +3976,24 @@ "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION", "APPLICATION_TYPE_BRUSCHETTA" ], + "enumDeprecated": [ + false, + false, + false, + false, + false, + false, + false, + false, + true, + false, + false, + false, + true, + false, + true, + false + ], "enumDescriptions": [ "Application type unknown.", "Application type arc (Android app).", @@ -3949,13 +4003,13 @@ "Application type web.", "Application type Mac OS.", "Application type Plugin VM.", - "Application type standalone browser (Lacros browser app).", + "Deprecated. This vaule is no longer used. Application type standalone browser (Lacros browser app).", "Application type remote.", "Application type borealis.", "Application type system web.", - "Application type standalone browser chrome app (hosted in Lacros).", + "Deprecated. This vaule is no longer used. Application type standalone browser chrome app.", "Application type extension.", - "Application type standalone browser extension.", + "Deprecated. This vaule is no longer used. Application type standalone browser extension.", "Application type bruschetta." ], "type": "string" @@ -3991,6 +4045,24 @@ "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION", "APPLICATION_TYPE_BRUSCHETTA" ], + "enumDeprecated": [ + false, + false, + false, + false, + false, + false, + false, + false, + true, + false, + false, + false, + true, + false, + true, + false + ], "enumDescriptions": [ "Application type unknown.", "Application type arc (Android app).", @@ -4000,13 +4072,13 @@ "Application type web.", "Application type Mac OS.", "Application type Plugin VM.", - "Application type standalone browser (Lacros browser app).", + "Deprecated. This vaule is no longer used. Application type standalone browser (Lacros browser app).", "Application type remote.", "Application type borealis.", "Application type system web.", - "Application type standalone browser chrome app (hosted in Lacros).", + "Deprecated. This vaule is no longer used. Application type standalone browser chrome app.", "Application type extension.", - "Application type standalone browser extension.", + "Deprecated. This vaule is no longer used. Application type standalone browser extension.", "Application type bruschetta." ], "type": "string" diff --git a/chromemanagement/v1/chromemanagement-gen.go b/chromemanagement/v1/chromemanagement-gen.go index 1f072cc9edf..0b5ca8a8ec8 100644 --- a/chromemanagement/v1/chromemanagement-gen.go +++ b/chromemanagement/v1/chromemanagement-gen.go @@ -489,16 +489,16 @@ type GoogleChromeManagementV1AppUsageData struct { // "APPLICATION_TYPE_WEB" - Application type web. // "APPLICATION_TYPE_MAC_OS" - Application type Mac OS. // "APPLICATION_TYPE_PLUGIN_VM" - Application type Plugin VM. - // "APPLICATION_TYPE_STANDALONE_BROWSER" - Application type standalone - // browser (Lacros browser app). + // "APPLICATION_TYPE_STANDALONE_BROWSER" - Deprecated. This vaule is no + // longer used. Application type standalone browser (Lacros browser app). // "APPLICATION_TYPE_REMOTE" - Application type remote. // "APPLICATION_TYPE_BOREALIS" - Application type borealis. // "APPLICATION_TYPE_SYSTEM_WEB" - Application type system web. - // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Application type - // standalone browser chrome app (hosted in Lacros). + // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Deprecated. This vaule + // is no longer used. Application type standalone browser chrome app. // "APPLICATION_TYPE_EXTENSION" - Application type extension. - // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Application type - // standalone browser extension. + // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Deprecated. This vaule + // is no longer used. Application type standalone browser extension. // "APPLICATION_TYPE_BRUSCHETTA" - Application type bruschetta. AppType string `json:"appType,omitempty"` // RunningDuration: App foreground running time. @@ -2983,16 +2983,16 @@ type GoogleChromeManagementV1TelemetryAppInstallEvent struct { // "APPLICATION_TYPE_WEB" - Application type web. // "APPLICATION_TYPE_MAC_OS" - Application type Mac OS. // "APPLICATION_TYPE_PLUGIN_VM" - Application type Plugin VM. - // "APPLICATION_TYPE_STANDALONE_BROWSER" - Application type standalone - // browser (Lacros browser app). + // "APPLICATION_TYPE_STANDALONE_BROWSER" - Deprecated. This vaule is no + // longer used. Application type standalone browser (Lacros browser app). // "APPLICATION_TYPE_REMOTE" - Application type remote. // "APPLICATION_TYPE_BOREALIS" - Application type borealis. // "APPLICATION_TYPE_SYSTEM_WEB" - Application type system web. - // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Application type - // standalone browser chrome app (hosted in Lacros). + // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Deprecated. This vaule + // is no longer used. Application type standalone browser chrome app. // "APPLICATION_TYPE_EXTENSION" - Application type extension. - // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Application type - // standalone browser extension. + // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Deprecated. This vaule + // is no longer used. Application type standalone browser extension. // "APPLICATION_TYPE_BRUSCHETTA" - Application type bruschetta. AppType string `json:"appType,omitempty"` // ForceSendFields is a list of field names (e.g. "AppId") to unconditionally @@ -3115,16 +3115,16 @@ type GoogleChromeManagementV1TelemetryAppLaunchEvent struct { // "APPLICATION_TYPE_WEB" - Application type web. // "APPLICATION_TYPE_MAC_OS" - Application type Mac OS. // "APPLICATION_TYPE_PLUGIN_VM" - Application type Plugin VM. - // "APPLICATION_TYPE_STANDALONE_BROWSER" - Application type standalone - // browser (Lacros browser app). + // "APPLICATION_TYPE_STANDALONE_BROWSER" - Deprecated. This vaule is no + // longer used. Application type standalone browser (Lacros browser app). // "APPLICATION_TYPE_REMOTE" - Application type remote. // "APPLICATION_TYPE_BOREALIS" - Application type borealis. // "APPLICATION_TYPE_SYSTEM_WEB" - Application type system web. - // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Application type - // standalone browser chrome app (hosted in Lacros). + // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Deprecated. This vaule + // is no longer used. Application type standalone browser chrome app. // "APPLICATION_TYPE_EXTENSION" - Application type extension. - // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Application type - // standalone browser extension. + // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Deprecated. This vaule + // is no longer used. Application type standalone browser extension. // "APPLICATION_TYPE_BRUSCHETTA" - Application type bruschetta. AppType string `json:"appType,omitempty"` // ForceSendFields is a list of field names (e.g. "AppId") to unconditionally @@ -3161,16 +3161,16 @@ type GoogleChromeManagementV1TelemetryAppUninstallEvent struct { // "APPLICATION_TYPE_WEB" - Application type web. // "APPLICATION_TYPE_MAC_OS" - Application type Mac OS. // "APPLICATION_TYPE_PLUGIN_VM" - Application type Plugin VM. - // "APPLICATION_TYPE_STANDALONE_BROWSER" - Application type standalone - // browser (Lacros browser app). + // "APPLICATION_TYPE_STANDALONE_BROWSER" - Deprecated. This vaule is no + // longer used. Application type standalone browser (Lacros browser app). // "APPLICATION_TYPE_REMOTE" - Application type remote. // "APPLICATION_TYPE_BOREALIS" - Application type borealis. // "APPLICATION_TYPE_SYSTEM_WEB" - Application type system web. - // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Application type - // standalone browser chrome app (hosted in Lacros). + // "APPLICATION_TYPE_STANDALONE_BROWSER_CHROME_APP" - Deprecated. This vaule + // is no longer used. Application type standalone browser chrome app. // "APPLICATION_TYPE_EXTENSION" - Application type extension. - // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Application type - // standalone browser extension. + // "APPLICATION_TYPE_STANDALONE_BROWSER_EXTENSION" - Deprecated. This vaule + // is no longer used. Application type standalone browser extension. // "APPLICATION_TYPE_BRUSCHETTA" - Application type bruschetta. AppType string `json:"appType,omitempty"` // AppUninstallSource: App uninstall source. diff --git a/classroom/v1/classroom-api.json b/classroom/v1/classroom-api.json index 8b9db308f1f..75d2143507c 100644 --- a/classroom/v1/classroom-api.json +++ b/classroom/v1/classroom-api.json @@ -2,12 +2,6 @@ "auth": { "oauth2": { "scopes": { - "https://www.googleapis.com/auth/classroom.addons.student": { - "description": "See and update its own attachments to posts in Google Classroom" - }, - "https://www.googleapis.com/auth/classroom.addons.teacher": { - "description": "See, create, and update its own attachments to posts in classes you teach in Google Classroom" - }, "https://www.googleapis.com/auth/classroom.announcements": { "description": "View and manage announcements in Google Classroom" }, @@ -596,11 +590,7 @@ "path": "v1/courses/{courseId}/announcements/{itemId}/addOnContext", "response": { "$ref": "AddOnContext" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "list": { "description": "Returns a list of announcements that the requester is permitted to view. Course students may only view `PUBLISHED` announcements. Course teachers and domain administrators may view all announcements. This method returns the following error codes: * `PERMISSION_DENIED` if the requesting user is not permitted to access the requested course or for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if the requested course does not exist.", @@ -779,10 +769,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "delete": { "description": "Deletes an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -823,10 +810,7 @@ "path": "v1/courses/{courseId}/announcements/{itemId}/addOnAttachments/{attachmentId}", "response": { "$ref": "Empty" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "get": { "description": "Returns an add-on attachment. Requires the add-on requesting the attachment to be the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -867,11 +851,7 @@ "path": "v1/courses/{courseId}/announcements/{itemId}/addOnAttachments/{attachmentId}", "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "list": { "description": "Returns all attachments created by an add-on under the post. Requires the add-on to have active attachments on the post or have permission to create new attachments on the post. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -916,11 +896,7 @@ "path": "v1/courses/{courseId}/announcements/{itemId}/addOnAttachments", "response": { "$ref": "ListAddOnAttachmentsResponse" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "patch": { "description": "Updates an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -969,10 +945,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } } } } @@ -1114,11 +1087,7 @@ "path": "v1/courses/{courseId}/courseWork/{itemId}/addOnContext", "response": { "$ref": "AddOnContext" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "list": { "description": "Returns a list of course work that the requester is permitted to view. Course students may only view `PUBLISHED` course work. Course teachers and domain administrators may view all course work. This method returns the following error codes: * `PERMISSION_DENIED` if the requesting user is not permitted to access the requested course or for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if the requested course does not exist.", @@ -1344,10 +1313,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "delete": { "description": "Deletes an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -1388,10 +1354,7 @@ "path": "v1/courses/{courseId}/courseWork/{itemId}/addOnAttachments/{attachmentId}", "response": { "$ref": "Empty" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "get": { "description": "Returns an add-on attachment. Requires the add-on requesting the attachment to be the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -1432,11 +1395,7 @@ "path": "v1/courses/{courseId}/courseWork/{itemId}/addOnAttachments/{attachmentId}", "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "list": { "description": "Returns all attachments created by an add-on under the post. Requires the add-on to have active attachments on the post or have permission to create new attachments on the post. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -1481,11 +1440,7 @@ "path": "v1/courses/{courseId}/courseWork/{itemId}/addOnAttachments", "response": { "$ref": "ListAddOnAttachmentsResponse" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "patch": { "description": "Updates an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -1534,10 +1489,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } } }, "resources": { @@ -1591,8 +1543,6 @@ "$ref": "AddOnAttachmentStudentSubmission" }, "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher", "https://www.googleapis.com/auth/classroom.student-submissions.students.readonly" ] }, @@ -1651,10 +1601,7 @@ }, "response": { "$ref": "AddOnAttachmentStudentSubmission" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } } } } @@ -2354,11 +2301,7 @@ "path": "v1/courses/{courseId}/courseWorkMaterials/{itemId}/addOnContext", "response": { "$ref": "AddOnContext" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "list": { "description": "Returns a list of course work material that the requester is permitted to view. Course students may only view `PUBLISHED` course work material. Course teachers and domain administrators may view all course work material. This method returns the following error codes: * `PERMISSION_DENIED` if the requesting user is not permitted to access the requested course or for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if the requested course does not exist.", @@ -2513,10 +2456,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "delete": { "description": "Deletes an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2557,10 +2497,7 @@ "path": "v1/courses/{courseId}/courseWorkMaterials/{itemId}/addOnAttachments/{attachmentId}", "response": { "$ref": "Empty" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "get": { "description": "Returns an add-on attachment. Requires the add-on requesting the attachment to be the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2601,11 +2538,7 @@ "path": "v1/courses/{courseId}/courseWorkMaterials/{itemId}/addOnAttachments/{attachmentId}", "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "list": { "description": "Returns all attachments created by an add-on under the post. Requires the add-on to have active attachments on the post or have permission to create new attachments on the post. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2650,11 +2583,7 @@ "path": "v1/courses/{courseId}/courseWorkMaterials/{itemId}/addOnAttachments", "response": { "$ref": "ListAddOnAttachmentsResponse" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "patch": { "description": "Updates an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2703,10 +2632,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } } } } @@ -2755,11 +2681,7 @@ "path": "v1/courses/{courseId}/posts/{postId}/addOnContext", "response": { "$ref": "AddOnContext" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } } }, "resources": { @@ -2804,10 +2726,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "delete": { "description": "Deletes an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2847,10 +2766,7 @@ "path": "v1/courses/{courseId}/posts/{postId}/addOnAttachments/{attachmentId}", "response": { "$ref": "Empty" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "get": { "description": "Returns an add-on attachment. Requires the add-on requesting the attachment to be the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2890,11 +2806,7 @@ "path": "v1/courses/{courseId}/posts/{postId}/addOnAttachments/{attachmentId}", "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "list": { "description": "Returns all attachments created by an add-on under the post. Requires the add-on to have active attachments on the post or have permission to create new attachments on the post. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2938,11 +2850,7 @@ "path": "v1/courses/{courseId}/posts/{postId}/addOnAttachments", "response": { "$ref": "ListAddOnAttachmentsResponse" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } }, "patch": { "description": "Updates an add-on attachment. Requires the add-on to have been the original creator of the attachment. This method returns the following error codes: * `PERMISSION_DENIED` for access errors. * `INVALID_ARGUMENT` if the request is malformed. * `NOT_FOUND` if one of the identified resources does not exist.", @@ -2991,10 +2899,7 @@ }, "response": { "$ref": "AddOnAttachment" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } } }, "resources": { @@ -3047,8 +2952,6 @@ "$ref": "AddOnAttachmentStudentSubmission" }, "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher", "https://www.googleapis.com/auth/classroom.student-submissions.students.readonly" ] }, @@ -3106,10 +3009,7 @@ }, "response": { "$ref": "AddOnAttachmentStudentSubmission" - }, - "scopes": [ - "https://www.googleapis.com/auth/classroom.addons.teacher" - ] + } } } } @@ -4049,7 +3949,7 @@ } } }, - "revision": "20241208", + "revision": "20241209", "rootUrl": "https://classroom.googleapis.com/", "schemas": { "AddOnAttachment": { diff --git a/classroom/v1/classroom-gen.go b/classroom/v1/classroom-gen.go index 92433aae7fa..7ea23ee0fe9 100644 --- a/classroom/v1/classroom-gen.go +++ b/classroom/v1/classroom-gen.go @@ -100,13 +100,6 @@ const mtlsBasePath = "https://classroom.mtls.googleapis.com/" // OAuth2 scopes used by this API. const ( - // See and update its own attachments to posts in Google Classroom - ClassroomAddonsStudentScope = "https://www.googleapis.com/auth/classroom.addons.student" - - // See, create, and update its own attachments to posts in classes you teach in - // Google Classroom - ClassroomAddonsTeacherScope = "https://www.googleapis.com/auth/classroom.addons.teacher" - // View and manage announcements in Google Classroom ClassroomAnnouncementsScope = "https://www.googleapis.com/auth/classroom.announcements" @@ -181,8 +174,6 @@ const ( // NewService creates a new Service. func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { scopesOption := internaloption.WithDefaultScopes( - "https://www.googleapis.com/auth/classroom.addons.student", - "https://www.googleapis.com/auth/classroom.addons.teacher", "https://www.googleapis.com/auth/classroom.announcements", "https://www.googleapis.com/auth/classroom.announcements.readonly", "https://www.googleapis.com/auth/classroom.courses", diff --git a/cloudfunctions/v2/cloudfunctions-api.json b/cloudfunctions/v2/cloudfunctions-api.json index 43b4401dee2..dae5ec17f79 100644 --- a/cloudfunctions/v2/cloudfunctions-api.json +++ b/cloudfunctions/v2/cloudfunctions-api.json @@ -716,7 +716,7 @@ } } }, - "revision": "20241117", + "revision": "20241205", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AbortFunctionUpgradeRequest": { @@ -1226,7 +1226,8 @@ "ROLLBACK_FUNCTION_UPGRADE_TRAFFIC", "SETUP_FUNCTION_UPGRADE_CONFIG", "ABORT_FUNCTION_UPGRADE", - "COMMIT_FUNCTION_UPGRADE" + "COMMIT_FUNCTION_UPGRADE", + "DETACH_FUNCTION" ], "enumDescriptions": [ "Unspecified", @@ -1237,7 +1238,8 @@ "RollbackFunctionUpgradeTraffic", "SetupFunctionUpgradeConfig", "AbortFunctionUpgrade", - "CommitFunctionUpgrade" + "CommitFunctionUpgrade", + "DetachFunction" ], "type": "string" }, diff --git a/cloudfunctions/v2/cloudfunctions-gen.go b/cloudfunctions/v2/cloudfunctions-gen.go index ea60ed968e3..0b60df749ae 100644 --- a/cloudfunctions/v2/cloudfunctions-gen.go +++ b/cloudfunctions/v2/cloudfunctions-gen.go @@ -907,6 +907,7 @@ type GoogleCloudFunctionsV2OperationMetadata struct { // "SETUP_FUNCTION_UPGRADE_CONFIG" - SetupFunctionUpgradeConfig // "ABORT_FUNCTION_UPGRADE" - AbortFunctionUpgrade // "COMMIT_FUNCTION_UPGRADE" - CommitFunctionUpgrade + // "DETACH_FUNCTION" - DetachFunction OperationType string `json:"operationType,omitempty"` // RequestResource: The original request that started the operation. RequestResource googleapi.RawMessage `json:"requestResource,omitempty"` diff --git a/cloudfunctions/v2alpha/cloudfunctions-api.json b/cloudfunctions/v2alpha/cloudfunctions-api.json index a27ac278cb2..92446fb3a25 100644 --- a/cloudfunctions/v2alpha/cloudfunctions-api.json +++ b/cloudfunctions/v2alpha/cloudfunctions-api.json @@ -716,7 +716,7 @@ } } }, - "revision": "20241117", + "revision": "20241205", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AbortFunctionUpgradeRequest": { @@ -1226,7 +1226,8 @@ "ROLLBACK_FUNCTION_UPGRADE_TRAFFIC", "SETUP_FUNCTION_UPGRADE_CONFIG", "ABORT_FUNCTION_UPGRADE", - "COMMIT_FUNCTION_UPGRADE" + "COMMIT_FUNCTION_UPGRADE", + "DETACH_FUNCTION" ], "enumDescriptions": [ "Unspecified", @@ -1237,7 +1238,8 @@ "RollbackFunctionUpgradeTraffic", "SetupFunctionUpgradeConfig", "AbortFunctionUpgrade", - "CommitFunctionUpgrade" + "CommitFunctionUpgrade", + "DetachFunction" ], "type": "string" }, diff --git a/cloudfunctions/v2alpha/cloudfunctions-gen.go b/cloudfunctions/v2alpha/cloudfunctions-gen.go index cf06845e93c..b7e9858c647 100644 --- a/cloudfunctions/v2alpha/cloudfunctions-gen.go +++ b/cloudfunctions/v2alpha/cloudfunctions-gen.go @@ -907,6 +907,7 @@ type GoogleCloudFunctionsV2alphaOperationMetadata struct { // "SETUP_FUNCTION_UPGRADE_CONFIG" - SetupFunctionUpgradeConfig // "ABORT_FUNCTION_UPGRADE" - AbortFunctionUpgrade // "COMMIT_FUNCTION_UPGRADE" - CommitFunctionUpgrade + // "DETACH_FUNCTION" - DetachFunction OperationType string `json:"operationType,omitempty"` // RequestResource: The original request that started the operation. RequestResource googleapi.RawMessage `json:"requestResource,omitempty"` diff --git a/cloudfunctions/v2beta/cloudfunctions-api.json b/cloudfunctions/v2beta/cloudfunctions-api.json index 7f408df7b65..2e7252fedfe 100644 --- a/cloudfunctions/v2beta/cloudfunctions-api.json +++ b/cloudfunctions/v2beta/cloudfunctions-api.json @@ -716,7 +716,7 @@ } } }, - "revision": "20241117", + "revision": "20241205", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AbortFunctionUpgradeRequest": { @@ -1226,7 +1226,8 @@ "ROLLBACK_FUNCTION_UPGRADE_TRAFFIC", "SETUP_FUNCTION_UPGRADE_CONFIG", "ABORT_FUNCTION_UPGRADE", - "COMMIT_FUNCTION_UPGRADE" + "COMMIT_FUNCTION_UPGRADE", + "DETACH_FUNCTION" ], "enumDescriptions": [ "Unspecified", @@ -1237,7 +1238,8 @@ "RollbackFunctionUpgradeTraffic", "SetupFunctionUpgradeConfig", "AbortFunctionUpgrade", - "CommitFunctionUpgrade" + "CommitFunctionUpgrade", + "DetachFunction" ], "type": "string" }, diff --git a/cloudfunctions/v2beta/cloudfunctions-gen.go b/cloudfunctions/v2beta/cloudfunctions-gen.go index b4dada26aef..350a7215c12 100644 --- a/cloudfunctions/v2beta/cloudfunctions-gen.go +++ b/cloudfunctions/v2beta/cloudfunctions-gen.go @@ -907,6 +907,7 @@ type GoogleCloudFunctionsV2betaOperationMetadata struct { // "SETUP_FUNCTION_UPGRADE_CONFIG" - SetupFunctionUpgradeConfig // "ABORT_FUNCTION_UPGRADE" - AbortFunctionUpgrade // "COMMIT_FUNCTION_UPGRADE" - CommitFunctionUpgrade + // "DETACH_FUNCTION" - DetachFunction OperationType string `json:"operationType,omitempty"` // RequestResource: The original request that started the operation. RequestResource googleapi.RawMessage `json:"requestResource,omitempty"` diff --git a/cloudidentity/v1beta1/cloudidentity-api.json b/cloudidentity/v1beta1/cloudidentity-api.json index 7b2fa6a4578..35693155335 100644 --- a/cloudidentity/v1beta1/cloudidentity-api.json +++ b/cloudidentity/v1beta1/cloudidentity-api.json @@ -23,12 +23,6 @@ "https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly": { "description": "See all of the Inbound SSO profiles and their assignments to any Org Units or Google Groups in your Cloud Identity Organization." }, - "https://www.googleapis.com/auth/cloud-identity.orgunits": { - "description": "List, Move orgmembers of an OrgUnit in your Cloud Identity Organization." - }, - "https://www.googleapis.com/auth/cloud-identity.orgunits.readonly": { - "description": "List org members of an OrgUnit in your Cloud Identity Organization." - }, "https://www.googleapis.com/auth/cloud-identity.policies": { "description": "See and edit policies in your Cloud Identity Organization." }, @@ -2021,11 +2015,7 @@ "path": "v1beta1/{+parent}/memberships", "response": { "$ref": "ListOrgMembershipsResponse" - }, - "scopes": [ - "https://www.googleapis.com/auth/cloud-identity.orgunits", - "https://www.googleapis.com/auth/cloud-identity.orgunits.readonly" - ] + } }, "move": { "description": "Move an OrgMembership to a new OrgUnit. NOTE: This is an atomic copy-and-delete. The resource will have a new copy under the destination OrgUnit and be deleted from the source OrgUnit. The resource can only be searched under the destination OrgUnit afterwards.", @@ -2050,10 +2040,7 @@ }, "response": { "$ref": "Operation" - }, - "scopes": [ - "https://www.googleapis.com/auth/cloud-identity.orgunits" - ] + } } } } @@ -2123,7 +2110,7 @@ } } }, - "revision": "20241208", + "revision": "20241210", "rootUrl": "https://cloudidentity.googleapis.com/", "schemas": { "AddIdpCredentialOperationMetadata": { diff --git a/cloudidentity/v1beta1/cloudidentity-gen.go b/cloudidentity/v1beta1/cloudidentity-gen.go index c21712e22a8..99ce148811a 100644 --- a/cloudidentity/v1beta1/cloudidentity-gen.go +++ b/cloudidentity/v1beta1/cloudidentity-gen.go @@ -126,12 +126,6 @@ const ( // or Google Groups in your Cloud Identity Organization. CloudIdentityInboundssoReadonlyScope = "https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly" - // List, Move orgmembers of an OrgUnit in your Cloud Identity Organization. - CloudIdentityOrgunitsScope = "https://www.googleapis.com/auth/cloud-identity.orgunits" - - // List org members of an OrgUnit in your Cloud Identity Organization. - CloudIdentityOrgunitsReadonlyScope = "https://www.googleapis.com/auth/cloud-identity.orgunits.readonly" - // See and edit policies in your Cloud Identity Organization. CloudIdentityPoliciesScope = "https://www.googleapis.com/auth/cloud-identity.policies" @@ -153,8 +147,6 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err "https://www.googleapis.com/auth/cloud-identity.groups.readonly", "https://www.googleapis.com/auth/cloud-identity.inboundsso", "https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly", - "https://www.googleapis.com/auth/cloud-identity.orgunits", - "https://www.googleapis.com/auth/cloud-identity.orgunits.readonly", "https://www.googleapis.com/auth/cloud-identity.policies", "https://www.googleapis.com/auth/cloud-identity.policies.readonly", "https://www.googleapis.com/auth/cloud-platform", diff --git a/datastore/v1/datastore-api.json b/datastore/v1/datastore-api.json index 1312e1fb4fa..20145568c23 100644 --- a/datastore/v1/datastore-api.json +++ b/datastore/v1/datastore-api.json @@ -530,7 +530,7 @@ "operations": { "methods": { "cancel": { - "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "flatPath": "v1/projects/{projectsId}/operations/{operationsId}:cancel", "httpMethod": "POST", "id": "datastore.projects.operations.cancel", @@ -654,7 +654,7 @@ } } }, - "revision": "20241018", + "revision": "20241204", "rootUrl": "https://datastore.googleapis.com/", "schemas": { "Aggregation": { diff --git a/datastore/v1/datastore-gen.go b/datastore/v1/datastore-gen.go index 4481d56be60..0f3a7c2a457 100644 --- a/datastore/v1/datastore-gen.go +++ b/datastore/v1/datastore-gen.go @@ -4595,7 +4595,7 @@ type ProjectsOperationsCancelCall struct { // other methods to check whether the cancellation succeeded or whether the // operation completed despite cancellation. On successful cancellation, the // operation is not deleted; instead, it becomes an operation with an -// Operation.error value with a google.rpc.Status.code of 1, corresponding to +// Operation.error value with a google.rpc.Status.code of `1`, corresponding to // `Code.CANCELLED`. // // - name: The name of the operation resource to be cancelled. diff --git a/firestore/v1/firestore-api.json b/firestore/v1/firestore-api.json index a5dd57bc853..3f4697385e6 100644 --- a/firestore/v1/firestore-api.json +++ b/firestore/v1/firestore-api.json @@ -1421,7 +1421,7 @@ "operations": { "methods": { "cancel": { - "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "flatPath": "v1/projects/{projectsId}/databases/{databasesId}/operations/{operationsId}:cancel", "httpMethod": "POST", "id": "firestore.projects.databases.operations.cancel", @@ -1711,7 +1711,7 @@ } } }, - "revision": "20241018", + "revision": "20241204", "rootUrl": "https://firestore.googleapis.com/", "schemas": { "Aggregation": { diff --git a/firestore/v1/firestore-gen.go b/firestore/v1/firestore-gen.go index dab4cec9991..6ef0fda13d4 100644 --- a/firestore/v1/firestore-gen.go +++ b/firestore/v1/firestore-gen.go @@ -8801,7 +8801,7 @@ type ProjectsDatabasesOperationsCancelCall struct { // other methods to check whether the cancellation succeeded or whether the // operation completed despite cancellation. On successful cancellation, the // operation is not deleted; instead, it becomes an operation with an -// Operation.error value with a google.rpc.Status.code of 1, corresponding to +// Operation.error value with a google.rpc.Status.code of `1`, corresponding to // `Code.CANCELLED`. // // - name: The name of the operation resource to be cancelled. diff --git a/go.work.sum b/go.work.sum index 67264de29b2..43ffe5381d4 100644 --- a/go.work.sum +++ b/go.work.sum @@ -704,6 +704,7 @@ go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40 go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= +golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= diff --git a/healthcare/v1/healthcare-api.json b/healthcare/v1/healthcare-api.json index 32a8ec0f5ca..ccf9a3c6992 100644 --- a/healthcare/v1/healthcare-api.json +++ b/healthcare/v1/healthcare-api.json @@ -2942,6 +2942,64 @@ }, "fhirStores": { "methods": { + "applyAdminConsents": { + "description": "Applies the admin Consent resources for the FHIR store and reindexes the underlying resources in the FHIR store according to the aggregate consents. This method also updates the `consent_config.enforced_admin_consents` field of the FhirStore unless `validate_only=true` in ApplyAdminConsentsRequest. Any admin Consent resource change after this operation execution (including deletion) requires you to call ApplyAdminConsents again for the change to take effect. This method returns an Operation that can be used to track the progress of the resources that were reindexed, by calling GetOperation. Upon completion, the ApplyAdminConsentsResponse additionally contains the number of resources that were reindexed. If at least one Consent resource contains an error or fails be be enforced for any reason, the method returns an error instead of an Operation. No resources will be reindexed and the `consent_config.enforced_admin_consents` field will be unchanged. To enforce a consent check for data access, `consent_config.access_enforced` must be set to true for the FhirStore.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:applyAdminConsents", + "httpMethod": "POST", + "id": "healthcare.projects.locations.datasets.fhirStores.applyAdminConsents", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the FHIR store to enforce, in the format `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/datasets/[^/]+/fhirStores/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:applyAdminConsents", + "request": { + "$ref": "ApplyAdminConsentsRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-healthcare", + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "applyConsents": { + "description": "Apply the Consent resources for the FHIR store and reindex the underlying resources in the FHIR store according to the aggregate consent. The aggregate consent of the patient in scope in this request replaces any previous call of this method. Any Consent resource change after this operation execution (including deletion) requires you to call ApplyConsents again to have effect. This method returns an Operation that can be used to track the progress of the consent resources that were processed by calling GetOperation. Upon completion, the ApplyConsentsResponse additionally contains the number of resources that was reindexed. Errors are logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). To enforce consent check for data access, `consent_config.access_enforced` must be set to true for the FhirStore.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:applyConsents", + "httpMethod": "POST", + "id": "healthcare.projects.locations.datasets.fhirStores.applyConsents", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the FHIR store to enforce, in the format `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/datasets/[^/]+/fhirStores/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:applyConsents", + "request": { + "$ref": "ApplyConsentsRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-healthcare", + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "create": { "description": "Creates a new FHIR store within the parent dataset.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores", @@ -3031,6 +3089,37 @@ "https://www.googleapis.com/auth/cloud-platform" ] }, + "explainDataAccess": { + "description": "Explains all the permitted/denied actor, purpose and environment for a given resource.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:explainDataAccess", + "httpMethod": "GET", + "id": "healthcare.projects.locations.datasets.fhirStores.explainDataAccess", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the FHIR store to enforce, in the format `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/datasets/[^/]+/fhirStores/[^/]+$", + "required": true, + "type": "string" + }, + "resourceId": { + "description": "Required. The ID (`{resourceType}/{id}`) of the resource to explain data access on.", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}:explainDataAccess", + "response": { + "$ref": "ExplainDataAccessResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-healthcare", + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "export": { "description": "Export resources from the FHIR store to the specified destination. This method returns an Operation that can be used to track the status of the export by calling GetOperation. Immediate fatal errors appear in the error field, errors are also logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). Otherwise, when the operation finishes, a detailed response of type ExportResourcesResponse is returned in the response field. The metadata field type for this operation is OperationMetadata.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:export", @@ -3451,6 +3540,69 @@ "https://www.googleapis.com/auth/cloud-platform" ] }, + "Consent-enforcement-status": { + "description": "Returns the consent enforcement status of a single consent resource. On success, the response body contains a JSON-encoded representation of a `Parameters` (http://hl7.org/fhir/parameters.html) FHIR resource, containing the current enforcement status. Does not support DSTU2.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Consent/{ConsentId}/$consent-enforcement-status", + "httpMethod": "GET", + "id": "healthcare.projects.locations.datasets.fhirStores.fhir.Consent-enforcement-status", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the consent resource to find enforcement status, in the format `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{consent_id}`", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/datasets/[^/]+/fhirStores/[^/]+/fhir/Consent/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}/$consent-enforcement-status", + "response": { + "$ref": "HttpBody" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-healthcare", + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "Patient-consent-enforcement-status": { + "description": "Returns the consent enforcement status of all consent resources for a patient. On success, the response body contains a JSON-encoded representation of a bundle of `Parameters` (http://hl7.org/fhir/parameters.html) FHIR resources, containing the current enforcement status for each consent resource of the patient. Does not support DSTU2.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Patient/{PatientId}/$consent-enforcement-status", + "httpMethod": "GET", + "id": "healthcare.projects.locations.datasets.fhirStores.fhir.Patient-consent-enforcement-status", + "parameterOrder": [ + "name" + ], + "parameters": { + "_count": { + "description": "Optional. The maximum number of results on a page. If not specified, 100 is used. May not be larger than 1000.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "_page_token": { + "description": "Optional. Used to retrieve the first, previous, next, or last page of consent enforcement statuses when using pagination. Value should be set to the value of `_page_token` set in next or previous page links' URLs. Next and previous page are returned in the response bundle's links field, where `link.relation` is \"previous\" or \"next\". Omit `_page_token` if no previous request has been made.", + "location": "query", + "type": "string" + }, + "name": { + "description": "Required. The name of the patient to find enforcement statuses, in the format `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Patient/{patient_id}`", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/datasets/[^/]+/fhirStores/[^/]+/fhir/Patient/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}/$consent-enforcement-status", + "response": { + "$ref": "HttpBody" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-healthcare", + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "Patient-everything": { "description": "Retrieves a Patient resource and resources related to that patient. Implements the FHIR extended operation Patient-everything ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/patient-operations.html#everything), [STU3](http://hl7.org/implement/standards/fhir/STU3/patient-operations.html#everything), [R4](http://hl7.org/implement/standards/fhir/R4/patient-operations.html#everything)). On success, the response body contains a JSON-encoded representation of a `Bundle` resource of type `searchset`, containing the results of the operation. Errors generated by the FHIR store contain a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. The resources in scope for the response are: * The patient resource itself. * All the resources directly referenced by the patient resource. * Resources directly referencing the patient resource that meet the inclusion criteria. The inclusion criteria are based on the membership rules in the patient compartment definition ([DSTU2](http://hl7.org/fhir/DSTU2/compartment-patient.html), [STU3](http://www.hl7.org/fhir/stu3/compartmentdefinition-patient.html), [R4](http://hl7.org/fhir/R4/compartmentdefinition-patient.html)), which details the eligible resource types and referencing search parameters. For samples that show how to call `Patient-everything`, see [Getting all patient compartment resources](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#getting_all_patient_compartment_resources).", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Patient/{PatientId}/$everything", @@ -4783,9 +4935,32 @@ } } }, - "revision": "20241115", + "revision": "20241205", "rootUrl": "https://healthcare.googleapis.com/", "schemas": { + "AccessDeterminationLogConfig": { + "description": "Configures consent audit log config for FHIR create, read, update, and delete (CRUD) operations. Cloud audit log for healthcare API must be [enabled](https://cloud.google.com/logging/docs/audit/configure-data-access#config-console-enable). The consent-related logs are included as part of `protoPayload.metadata`.", + "id": "AccessDeterminationLogConfig", + "properties": { + "logLevel": { + "description": "Optional. Controls the amount of detail to include as part of the audit logs.", + "enum": [ + "LOG_LEVEL_UNSPECIFIED", + "DISABLED", + "MINIMUM", + "VERBOSE" + ], + "enumDescriptions": [ + "No log level specified. This value is unused.", + "No additional consent-related logging is added to audit logs.", + "The following information is included: * One of the following [`consentMode`](https://cloud.google.com/healthcare-api/docs/fhir-consent#audit_logs) fields: (`off`|`emptyScope`|`enforced`|`btg`|`bypass`). * The accessor's request headers * The `log_level` of the AccessDeterminationLogConfig * The final consent evaluation (`PERMIT`, `DENY`, or `NO_CONSENT`) * A human-readable summary of the evaluation", + "Includes `MINIMUM` and, for each resource owner, returns: * The resource owner's name * Most specific part of the `X-Consent-Scope` resulting in consensual determination * Timestamp of the applied enforcement leading to the decision * Enforcement version at the time the applicable consents were applied * The Consent resource name * The timestamp of the Consent resource used for enforcement * Policy type (`PATIENT` or `ADMIN`) Note that this mode adds some overhead to CRUD operations." + ], + "type": "string" + } + }, + "type": "object" + }, "ActivateConsentRequest": { "description": "Activates the latest revision of the specified Consent by committing a new revision with `state` updated to `ACTIVE`. If the latest revision of the given Consent is in the `ACTIVE` state, no new revision is committed. A FAILED_PRECONDITION error occurs if the latest revision of the given consent is in the `REJECTED` or `REVOKED` state.", "id": "ActivateConsentRequest", @@ -4807,6 +4982,20 @@ }, "type": "object" }, + "AdminConsents": { + "description": "List of admin Consent resources to be applied.", + "id": "AdminConsents", + "properties": { + "names": { + "description": "Optional. The versioned names of the admin Consent resource(s), in the format `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR stores with `disable_resource_versioning=true`, the format is `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "AnalyzeEntitiesRequest": { "description": "The request to analyze healthcare entities in a document.", "id": "AnalyzeEntitiesRequest", @@ -4879,6 +5068,108 @@ }, "type": "object" }, + "ApplyAdminConsentsErrorDetail": { + "description": "Contains the error details of the unsupported admin Consent resources for when the ApplyAdminConsents method fails to apply one or more Consent resources.", + "id": "ApplyAdminConsentsErrorDetail", + "properties": { + "consentErrors": { + "description": "The list of Consent resources that are unsupported or cannot be applied and the error associated with each of them.", + "items": { + "$ref": "ConsentErrors" + }, + "type": "array" + }, + "existingOperationId": { + "description": "The currently in progress non-validate-only ApplyAdminConsents operation ID if exist.", + "format": "uint64", + "type": "string" + } + }, + "type": "object" + }, + "ApplyAdminConsentsRequest": { + "description": "Request to apply the admin Consent resources for the specified FHIR store.", + "id": "ApplyAdminConsentsRequest", + "properties": { + "newConsentsList": { + "$ref": "AdminConsents", + "description": "A new list of admin Consent resources to be applied. Any existing enforced Consents, which are specified in `consent_config.enforced_admin_consents` of the FhirStore, that are not part of this list will be disabled. An empty list is equivalent to clearing or disabling all Consents enforced on the FHIR store. When a FHIR store has `disable_resource_versioning=true` and this list contains a Consent resource that exists in `consent_config.enforced_admin_consents`, the method enforces any updates to the existing resource since the last enforcement. If the existing resource hasn't been updated since the last enforcement, the resource is unaffected. After the method finishes, the resulting consent enforcement model is determined by the contents of the Consent resource(s) when the method was called: * When `disable_resource_versioning=true`, the result is identical to the current resource(s) in the FHIR store. * When `disable_resource_versioning=false`, the result is based on the historical version(s) of the Consent resource(s) at the point in time when the method was called. At most 200 Consents can be specified." + }, + "validateOnly": { + "description": "Optional. If true, the method only validates Consent resources to make sure they are supported. Otherwise, the method applies the aggregate consent information to update the enforcement model and reindex the FHIR resources. If all Consent resources can be applied successfully, the ApplyAdminConsentsResponse is returned containing the following fields: * `consent_apply_success` to indicate the number of Consent resources applied. * `affected_resources` to indicate the number of resources that might have had their consent access changed. If, however, one or more Consent resources are unsupported or cannot be applied, the method fails and ApplyAdminConsentsErrorDetail is is returned with details about the unsupported Consent resources.", + "type": "boolean" + } + }, + "type": "object" + }, + "ApplyAdminConsentsResponse": { + "description": "Response when all admin Consent resources in scope were processed and all affected resources were reindexed successfully. This structure will be included in the response when the operation finishes successfully.", + "id": "ApplyAdminConsentsResponse", + "properties": { + "affectedResources": { + "description": "The number of resources (including the Consent resources) that may have consent access change.", + "format": "int64", + "type": "string" + }, + "consentApplySuccess": { + "description": "If `validate_only=false` in ApplyAdminConsentsRequest, this counter contains the number of Consent resources that were successfully applied. Otherwise, it is the number of Consent resources that are supported.", + "format": "int64", + "type": "string" + }, + "failedResources": { + "description": "The number of resources (including the Consent resources) that ApplyAdminConsents failed to re-index.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "ApplyConsentsRequest": { + "description": "Request to apply the Consent resources for the specified FHIR store.", + "id": "ApplyConsentsRequest", + "properties": { + "patientScope": { + "$ref": "PatientScope", + "description": "Optional. Scope down to a list of patients." + }, + "timeRange": { + "$ref": "TimeRange", + "description": "Optional. Scope down to patients whose most recent consent changes are in the time range. Can only be used with a versioning store (i.e. when disable_resource_versioning is set to false)." + }, + "validateOnly": { + "description": "Optional. If true, the method only validates Consent resources to make sure they are supported. When the operation completes, ApplyConsentsResponse is returned where `consent_apply_success` and `consent_apply_failure` indicate supported and unsupported (or invalid) Consent resources, respectively. Otherwise, the method propagates the aggregate consensual information to the patient's resources. Upon success, `affected_resources` in the ApplyConsentsResponse indicates the number of resources that may have consensual access changed.", + "type": "boolean" + } + }, + "type": "object" + }, + "ApplyConsentsResponse": { + "description": "Response when all Consent resources in scope were processed and all affected resources were reindexed successfully. This structure is included in the response when the operation finishes successfully.", + "id": "ApplyConsentsResponse", + "properties": { + "affectedResources": { + "description": "The number of resources (including the Consent resources) that may have consensual access change.", + "format": "int64", + "type": "string" + }, + "consentApplyFailure": { + "description": "If `validate_only = false` in ApplyConsentsRequest, this counter is the number of Consent resources that were failed to apply. Otherwise, it is the number of Consent resources that are not supported or invalid.", + "format": "int64", + "type": "string" + }, + "consentApplySuccess": { + "description": "If `validate_only = false` in ApplyConsentsRequest, this counter is the number of Consent resources that were successfully applied. Otherwise, it is the number of Consent resources that are supported.", + "format": "int64", + "type": "string" + }, + "failedResources": { + "description": "The number of resources (including the Consent resources) that ApplyConsents failed to re-index.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, "ArchiveUserDataMappingRequest": { "description": "Archives the specified User data mapping.", "id": "ArchiveUserDataMappingRequest", @@ -5231,6 +5522,25 @@ }, "type": "object" }, + "ConsentAccessorScope": { + "description": "The accessor scope that describes who can access, for what purpose, in which environment.", + "id": "ConsentAccessorScope", + "properties": { + "actor": { + "description": "An individual, group, or access role that identifies the accessor or a characteristic of the accessor. This can be a resource ID (such as `{resourceType}/{id}`) or an external URI. This value must be present.", + "type": "string" + }, + "environment": { + "description": "An abstract identifier that describes the environment or conditions under which the accessor is acting. Can be \"*\" if it applies to all environments.", + "type": "string" + }, + "purpose": { + "description": "The intent of data use. Can be \"*\" if it applies to all purposes.", + "type": "string" + } + }, + "type": "object" + }, "ConsentArtifact": { "description": "Documentation of a user's consent.", "id": "ConsentArtifact", @@ -5276,6 +5586,60 @@ }, "type": "object" }, + "ConsentConfig": { + "description": "Configures whether to enforce consent for the FHIR store and which consent enforcement version is being used.", + "id": "ConsentConfig", + "properties": { + "accessDeterminationLogConfig": { + "$ref": "AccessDeterminationLogConfig", + "description": "Optional. Specifies how the server logs the consent-aware requests. If not specified, the `AccessDeterminationLogConfig.LogLevel.MINIMUM` option is used." + }, + "accessEnforced": { + "description": "Optional. The default value is false. If set to true, when accessing FHIR resources, the consent headers will be verified against consents given by patients. See the ConsentEnforcementVersion for the supported consent headers.", + "type": "boolean" + }, + "consentHeaderHandling": { + "$ref": "ConsentHeaderHandling", + "description": "Optional. Different options to configure the behaviour of the server when handling the `X-Consent-Scope` header." + }, + "enforcedAdminConsents": { + "description": "Output only. The versioned names of the enforced admin Consent resource(s), in the format `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR stores with `disable_resource_versioning=true`, the format is `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. This field can only be updated using ApplyAdminConsents.", + "items": { + "type": "string" + }, + "readOnly": true, + "type": "array" + }, + "version": { + "description": "Required. Specifies which consent enforcement version is being used for this FHIR store. This field can only be set once by either CreateFhirStore or UpdateFhirStore. After that, you must call ApplyConsents to change the version.", + "enum": [ + "CONSENT_ENFORCEMENT_VERSION_UNSPECIFIED", + "V1" + ], + "enumDescriptions": [ + "Users must specify an enforcement version or an error is returned.", + "Enforcement version 1. See the [FHIR Consent resources in the Cloud Healthcare API](https://cloud.google.com/healthcare-api/docs/fhir-consent) guide for more details." + ], + "type": "string" + } + }, + "type": "object" + }, + "ConsentErrors": { + "description": "The Consent resource name and error.", + "id": "ConsentErrors", + "properties": { + "error": { + "$ref": "Status", + "description": "The error code and message." + }, + "name": { + "description": "The versioned name of the admin Consent resource, in the format `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR stores with `disable_resource_versioning=true`, the format is `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`.", + "type": "string" + } + }, + "type": "object" + }, "ConsentEvaluation": { "description": "The detailed evaluation of a particular Consent.", "id": "ConsentEvaluation", @@ -5301,6 +5665,27 @@ }, "type": "object" }, + "ConsentHeaderHandling": { + "description": "How the server handles the consent header.", + "id": "ConsentHeaderHandling", + "properties": { + "profile": { + "description": "Optional. Specifies the default server behavior when the header is empty. If not specified, the `ScopeProfile.PERMIT_EMPTY_SCOPE` option is used.", + "enum": [ + "SCOPE_PROFILE_UNSPECIFIED", + "PERMIT_EMPTY_SCOPE", + "REQUIRED_ON_READ" + ], + "enumDescriptions": [ + "If not specified, the default value `PERMIT_EMPTY_SCOPE` is used.", + "When no consent scopes are provided (for example, if there's an empty or missing header), then consent check is disabled, similar to when `access_enforced` is `false`. You can use audit logs to differentiate these two cases by looking at the value of `protopayload.metadata.consentMode`. If consents scopes are present, they must be valid and within the allowed limits, otherwise the request will be rejected with a `4xx` code.", + "The consent header must be non-empty when performing read and search operations, otherwise the request is rejected with a `4xx` code. Additionally, invalid consent scopes or scopes exceeding the allowed limits are rejected." + ], + "type": "string" + } + }, + "type": "object" + }, "ConsentList": { "description": "List of resource names of Consent resources.", "id": "ConsentList", @@ -5805,6 +6190,128 @@ }, "type": "object" }, + "ExplainDataAccessConsentInfo": { + "description": "The enforcing consent's metadata.", + "id": "ExplainDataAccessConsentInfo", + "properties": { + "cascadeOrigins": { + "description": "The compartment base resources that matched a cascading policy. Each resource has the following format: `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/{resource_type}/{resource_id}`", + "items": { + "type": "string" + }, + "type": "array" + }, + "consentResource": { + "description": "The resource name of this consent resource, in the format: `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`.", + "type": "string" + }, + "enforcementTime": { + "description": "Last enforcement timestamp of this consent resource.", + "format": "google-datetime", + "type": "string" + }, + "matchingAccessorScopes": { + "description": "A list of all the matching accessor scopes of this consent policy that enforced ExplainDataAccessConsentScope.accessor_scope.", + "items": { + "$ref": "ConsentAccessorScope" + }, + "type": "array" + }, + "patientConsentOwner": { + "description": "The patient owning the consent (only applicable for patient consents), in the format: `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Patient/{patient_id}`", + "type": "string" + }, + "type": { + "description": "The policy type of consent resource (e.g. PATIENT, ADMIN).", + "enum": [ + "CONSENT_POLICY_TYPE_UNSPECIFIED", + "CONSENT_POLICY_TYPE_PATIENT", + "CONSENT_POLICY_TYPE_ADMIN" + ], + "enumDescriptions": [ + "Unspecified policy type.", + "Consent represent a patient consent.", + "Consent represent an admin consent." + ], + "type": "string" + }, + "variants": { + "description": "The consent's variant combinations. A single consent may have multiple variants.", + "items": { + "enum": [ + "CONSENT_VARIANT_UNSPECIFIED", + "CONSENT_VARIANT_STANDARD", + "CONSENT_VARIANT_CASCADE" + ], + "enumDescriptions": [ + "Consent variant unspecified.", + "Consent is a standard patient or admin consent.", + "Consent is a cascading consent." + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ExplainDataAccessConsentScope": { + "description": "A single consent scope that provides info on who has access to the requested resource scope for a particular purpose and environment, enforced by which consent.", + "id": "ExplainDataAccessConsentScope", + "properties": { + "accessorScope": { + "$ref": "ConsentAccessorScope", + "description": "The accessor scope that describes who can access, for what purpose, and in which environment." + }, + "decision": { + "description": "Whether the current consent scope is permitted or denied access on the requested resource.", + "enum": [ + "CONSENT_DECISION_TYPE_UNSPECIFIED", + "CONSENT_DECISION_TYPE_PERMIT", + "CONSENT_DECISION_TYPE_DENY" + ], + "enumDescriptions": [ + "Unspecified consent decision type.", + "Consent permitted access.", + "Consent denied access." + ], + "type": "string" + }, + "enforcingConsents": { + "description": "Metadata of the consent resources that enforce the consent scope's access.", + "items": { + "$ref": "ExplainDataAccessConsentInfo" + }, + "type": "array" + }, + "exceptions": { + "description": "Other consent scopes that created exceptions within this scope.", + "items": { + "$ref": "ExplainDataAccessConsentScope" + }, + "type": "array" + } + }, + "type": "object" + }, + "ExplainDataAccessResponse": { + "description": "List of consent scopes that are applicable to the explained access on a given resource.", + "id": "ExplainDataAccessResponse", + "properties": { + "consentScopes": { + "description": "List of applicable consent scopes. Sorted in order of actor such that scopes belonging to the same actor will be adjacent to each other in the list.", + "items": { + "$ref": "ExplainDataAccessConsentScope" + }, + "type": "array" + }, + "warning": { + "description": "Warnings associated with this response. It inform user with exceeded scope limit errors.", + "type": "string" + } + }, + "type": "object" + }, "ExportDicomDataRequest": { "description": "Exports data from the specified DICOM store. If a given resource, such as a DICOM object with the same SOPInstance UID, already exists in the output, it is overwritten with the version in the source dataset. Exported DICOM data persists when the DICOM store from which it was exported is deleted.", "id": "ExportDicomDataRequest", @@ -5995,6 +6502,10 @@ ], "type": "string" }, + "consentConfig": { + "$ref": "ConsentConfig", + "description": "Optional. Specifies whether this store has consent enforcement. Not available for DSTU2 FHIR version due to absence of Consent resources." + }, "defaultSearchHandlingStrict": { "description": "Optional. If true, overrides the default search behavior for this FHIR store to `handling=strict` which returns an error for unrecognized search parameters. If false, uses the FHIR specification default `handling=lenient` which ignores unrecognized search parameters. The handling can always be changed from the default on an individual API call by setting the HTTP header `Prefer: handling=strict` or `Prefer: handling=lenient`. Defaults to false.", "type": "boolean" @@ -7223,6 +7734,20 @@ }, "type": "object" }, + "PatientScope": { + "description": "Apply consents given by a list of patients.", + "id": "PatientScope", + "properties": { + "patientIds": { + "description": "Optional. The list of patient IDs whose Consent resources will be enforced. At most 10,000 patients can be specified. An empty list is equivalent to all patients (meaning the entire FHIR store).", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "Policy": { "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** ``` { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time \u003c timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } ``` **YAML example:** ``` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time \u003c timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).", "id": "Policy", @@ -8059,6 +8584,21 @@ }, "type": "object" }, + "TimeRange": { + "description": "Apply consents given by patients whose most recent consent changes are in the time range. Note that after identifying these patients, the server applies all Consent resources given by those patients, not just the Consent resources within the timestamp in the range.", + "id": "TimeRange", + "properties": { + "end": { + "description": "Optional. The latest consent change time, in format YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the time when ApplyConsents was called.", + "type": "string" + }, + "start": { + "description": "Optional. The earliest consent change time, in format YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the FHIR store creation time.", + "type": "string" + } + }, + "type": "object" + }, "Type": { "description": "A type definition for some HL7v2 type (incl. Segments and Datatypes).", "id": "Type", diff --git a/healthcare/v1/healthcare-gen.go b/healthcare/v1/healthcare-gen.go index 135ff23d799..b472d17e064 100644 --- a/healthcare/v1/healthcare-gen.go +++ b/healthcare/v1/healthcare-gen.go @@ -460,6 +460,50 @@ type ProjectsLocationsServicesNlpService struct { s *Service } +// AccessDeterminationLogConfig: Configures consent audit log config for FHIR +// create, read, update, and delete (CRUD) operations. Cloud audit log for +// healthcare API must be enabled +// (https://cloud.google.com/logging/docs/audit/configure-data-access#config-console-enable). +// The consent-related logs are included as part of `protoPayload.metadata`. +type AccessDeterminationLogConfig struct { + // LogLevel: Optional. Controls the amount of detail to include as part of the + // audit logs. + // + // Possible values: + // "LOG_LEVEL_UNSPECIFIED" - No log level specified. This value is unused. + // "DISABLED" - No additional consent-related logging is added to audit logs. + // "MINIMUM" - The following information is included: * One of the following + // [`consentMode`](https://cloud.google.com/healthcare-api/docs/fhir-consent#aud + // it_logs) fields: (`off`|`emptyScope`|`enforced`|`btg`|`bypass`). * The + // accessor's request headers * The `log_level` of the + // AccessDeterminationLogConfig * The final consent evaluation (`PERMIT`, + // `DENY`, or `NO_CONSENT`) * A human-readable summary of the evaluation + // "VERBOSE" - Includes `MINIMUM` and, for each resource owner, returns: * + // The resource owner's name * Most specific part of the `X-Consent-Scope` + // resulting in consensual determination * Timestamp of the applied enforcement + // leading to the decision * Enforcement version at the time the applicable + // consents were applied * The Consent resource name * The timestamp of the + // Consent resource used for enforcement * Policy type (`PATIENT` or `ADMIN`) + // Note that this mode adds some overhead to CRUD operations. + LogLevel string `json:"logLevel,omitempty"` + // ForceSendFields is a list of field names (e.g. "LogLevel") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "LogLevel") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s AccessDeterminationLogConfig) MarshalJSON() ([]byte, error) { + type NoMethod AccessDeterminationLogConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // ActivateConsentRequest: Activates the latest revision of the specified // Consent by committing a new revision with `state` updated to `ACTIVE`. If // the latest revision of the given Consent is in the `ACTIVE` state, no new @@ -494,6 +538,34 @@ func (s ActivateConsentRequest) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// AdminConsents: List of admin Consent resources to be applied. +type AdminConsents struct { + // Names: Optional. The versioned names of the admin Consent resource(s), in + // the format + // `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/ + // {fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR + // stores with `disable_resource_versioning=true`, the format is + // `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/ + // {fhir_store_id}/fhir/Consent/{resource_id}`. + Names []string `json:"names,omitempty"` + // ForceSendFields is a list of field names (e.g. "Names") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Names") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s AdminConsents) MarshalJSON() ([]byte, error) { + type NoMethod AdminConsents + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // AnalyzeEntitiesRequest: The request to analyze healthcare entities in a // document. type AnalyzeEntitiesRequest struct { @@ -571,6 +643,193 @@ func (s AnalyzeEntitiesResponse) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// ApplyAdminConsentsErrorDetail: Contains the error details of the unsupported +// admin Consent resources for when the ApplyAdminConsents method fails to +// apply one or more Consent resources. +type ApplyAdminConsentsErrorDetail struct { + // ConsentErrors: The list of Consent resources that are unsupported or cannot + // be applied and the error associated with each of them. + ConsentErrors []*ConsentErrors `json:"consentErrors,omitempty"` + // ExistingOperationId: The currently in progress non-validate-only + // ApplyAdminConsents operation ID if exist. + ExistingOperationId uint64 `json:"existingOperationId,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "ConsentErrors") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ConsentErrors") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ApplyAdminConsentsErrorDetail) MarshalJSON() ([]byte, error) { + type NoMethod ApplyAdminConsentsErrorDetail + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ApplyAdminConsentsRequest: Request to apply the admin Consent resources for +// the specified FHIR store. +type ApplyAdminConsentsRequest struct { + // NewConsentsList: A new list of admin Consent resources to be applied. Any + // existing enforced Consents, which are specified in + // `consent_config.enforced_admin_consents` of the FhirStore, that are not part + // of this list will be disabled. An empty list is equivalent to clearing or + // disabling all Consents enforced on the FHIR store. When a FHIR store has + // `disable_resource_versioning=true` and this list contains a Consent resource + // that exists in `consent_config.enforced_admin_consents`, the method enforces + // any updates to the existing resource since the last enforcement. If the + // existing resource hasn't been updated since the last enforcement, the + // resource is unaffected. After the method finishes, the resulting consent + // enforcement model is determined by the contents of the Consent resource(s) + // when the method was called: * When `disable_resource_versioning=true`, the + // result is identical to the current resource(s) in the FHIR store. * When + // `disable_resource_versioning=false`, the result is based on the historical + // version(s) of the Consent resource(s) at the point in time when the method + // was called. At most 200 Consents can be specified. + NewConsentsList *AdminConsents `json:"newConsentsList,omitempty"` + // ValidateOnly: Optional. If true, the method only validates Consent resources + // to make sure they are supported. Otherwise, the method applies the aggregate + // consent information to update the enforcement model and reindex the FHIR + // resources. If all Consent resources can be applied successfully, the + // ApplyAdminConsentsResponse is returned containing the following fields: * + // `consent_apply_success` to indicate the number of Consent resources applied. + // * `affected_resources` to indicate the number of resources that might have + // had their consent access changed. If, however, one or more Consent resources + // are unsupported or cannot be applied, the method fails and + // ApplyAdminConsentsErrorDetail is is returned with details about the + // unsupported Consent resources. + ValidateOnly bool `json:"validateOnly,omitempty"` + // ForceSendFields is a list of field names (e.g. "NewConsentsList") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "NewConsentsList") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ApplyAdminConsentsRequest) MarshalJSON() ([]byte, error) { + type NoMethod ApplyAdminConsentsRequest + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ApplyAdminConsentsResponse: Response when all admin Consent resources in +// scope were processed and all affected resources were reindexed successfully. +// This structure will be included in the response when the operation finishes +// successfully. +type ApplyAdminConsentsResponse struct { + // AffectedResources: The number of resources (including the Consent resources) + // that may have consent access change. + AffectedResources int64 `json:"affectedResources,omitempty,string"` + // ConsentApplySuccess: If `validate_only=false` in ApplyAdminConsentsRequest, + // this counter contains the number of Consent resources that were successfully + // applied. Otherwise, it is the number of Consent resources that are + // supported. + ConsentApplySuccess int64 `json:"consentApplySuccess,omitempty,string"` + // FailedResources: The number of resources (including the Consent resources) + // that ApplyAdminConsents failed to re-index. + FailedResources int64 `json:"failedResources,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "AffectedResources") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AffectedResources") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ApplyAdminConsentsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ApplyAdminConsentsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ApplyConsentsRequest: Request to apply the Consent resources for the +// specified FHIR store. +type ApplyConsentsRequest struct { + // PatientScope: Optional. Scope down to a list of patients. + PatientScope *PatientScope `json:"patientScope,omitempty"` + // TimeRange: Optional. Scope down to patients whose most recent consent + // changes are in the time range. Can only be used with a versioning store + // (i.e. when disable_resource_versioning is set to false). + TimeRange *TimeRange `json:"timeRange,omitempty"` + // ValidateOnly: Optional. If true, the method only validates Consent resources + // to make sure they are supported. When the operation completes, + // ApplyConsentsResponse is returned where `consent_apply_success` and + // `consent_apply_failure` indicate supported and unsupported (or invalid) + // Consent resources, respectively. Otherwise, the method propagates the + // aggregate consensual information to the patient's resources. Upon success, + // `affected_resources` in the ApplyConsentsResponse indicates the number of + // resources that may have consensual access changed. + ValidateOnly bool `json:"validateOnly,omitempty"` + // ForceSendFields is a list of field names (e.g. "PatientScope") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "PatientScope") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ApplyConsentsRequest) MarshalJSON() ([]byte, error) { + type NoMethod ApplyConsentsRequest + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ApplyConsentsResponse: Response when all Consent resources in scope were +// processed and all affected resources were reindexed successfully. This +// structure is included in the response when the operation finishes +// successfully. +type ApplyConsentsResponse struct { + // AffectedResources: The number of resources (including the Consent resources) + // that may have consensual access change. + AffectedResources int64 `json:"affectedResources,omitempty,string"` + // ConsentApplyFailure: If `validate_only = false` in ApplyConsentsRequest, + // this counter is the number of Consent resources that were failed to apply. + // Otherwise, it is the number of Consent resources that are not supported or + // invalid. + ConsentApplyFailure int64 `json:"consentApplyFailure,omitempty,string"` + // ConsentApplySuccess: If `validate_only = false` in ApplyConsentsRequest, + // this counter is the number of Consent resources that were successfully + // applied. Otherwise, it is the number of Consent resources that are + // supported. + ConsentApplySuccess int64 `json:"consentApplySuccess,omitempty,string"` + // FailedResources: The number of resources (including the Consent resources) + // that ApplyConsents failed to re-index. + FailedResources int64 `json:"failedResources,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "AffectedResources") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AffectedResources") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ApplyConsentsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ApplyConsentsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // ArchiveUserDataMappingRequest: Archives the specified User data mapping. type ArchiveUserDataMappingRequest struct { } @@ -1098,6 +1357,37 @@ func (s Consent) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// ConsentAccessorScope: The accessor scope that describes who can access, for +// what purpose, in which environment. +type ConsentAccessorScope struct { + // Actor: An individual, group, or access role that identifies the accessor or + // a characteristic of the accessor. This can be a resource ID (such as + // `{resourceType}/{id}`) or an external URI. This value must be present. + Actor string `json:"actor,omitempty"` + // Environment: An abstract identifier that describes the environment or + // conditions under which the accessor is acting. Can be "*" if it applies to + // all environments. + Environment string `json:"environment,omitempty"` + // Purpose: The intent of data use. Can be "*" if it applies to all purposes. + Purpose string `json:"purpose,omitempty"` + // ForceSendFields is a list of field names (e.g. "Actor") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Actor") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConsentAccessorScope) MarshalJSON() ([]byte, error) { + type NoMethod ConsentAccessorScope + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // ConsentArtifact: Documentation of a user's consent. type ConsentArtifact struct { // ConsentContentScreenshots: Optional. Screenshots, PDFs, or other binary @@ -1143,6 +1433,89 @@ func (s ConsentArtifact) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// ConsentConfig: Configures whether to enforce consent for the FHIR store and +// which consent enforcement version is being used. +type ConsentConfig struct { + // AccessDeterminationLogConfig: Optional. Specifies how the server logs the + // consent-aware requests. If not specified, the + // `AccessDeterminationLogConfig.LogLevel.MINIMUM` option is used. + AccessDeterminationLogConfig *AccessDeterminationLogConfig `json:"accessDeterminationLogConfig,omitempty"` + // AccessEnforced: Optional. The default value is false. If set to true, when + // accessing FHIR resources, the consent headers will be verified against + // consents given by patients. See the ConsentEnforcementVersion for the + // supported consent headers. + AccessEnforced bool `json:"accessEnforced,omitempty"` + // ConsentHeaderHandling: Optional. Different options to configure the + // behaviour of the server when handling the `X-Consent-Scope` header. + ConsentHeaderHandling *ConsentHeaderHandling `json:"consentHeaderHandling,omitempty"` + // EnforcedAdminConsents: Output only. The versioned names of the enforced + // admin Consent resource(s), in the format + // `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/ + // {fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR + // stores with `disable_resource_versioning=true`, the format is + // `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/ + // {fhir_store_id}/fhir/Consent/{resource_id}`. This field can only be updated + // using ApplyAdminConsents. + EnforcedAdminConsents []string `json:"enforcedAdminConsents,omitempty"` + // Version: Required. Specifies which consent enforcement version is being used + // for this FHIR store. This field can only be set once by either + // CreateFhirStore or UpdateFhirStore. After that, you must call ApplyConsents + // to change the version. + // + // Possible values: + // "CONSENT_ENFORCEMENT_VERSION_UNSPECIFIED" - Users must specify an + // enforcement version or an error is returned. + // "V1" - Enforcement version 1. See the [FHIR Consent resources in the Cloud + // Healthcare API](https://cloud.google.com/healthcare-api/docs/fhir-consent) + // guide for more details. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. + // "AccessDeterminationLogConfig") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. See https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields + // for more details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AccessDeterminationLogConfig") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConsentConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConsentConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConsentErrors: The Consent resource name and error. +type ConsentErrors struct { + // Error: The error code and message. + Error *Status `json:"error,omitempty"` + // Name: The versioned name of the admin Consent resource, in the format + // `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/ + // {fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR + // stores with `disable_resource_versioning=true`, the format is + // `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/ + // {fhir_store_id}/fhir/Consent/{resource_id}`. + Name string `json:"name,omitempty"` + // ForceSendFields is a list of field names (e.g. "Error") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Error") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConsentErrors) MarshalJSON() ([]byte, error) { + type NoMethod ConsentErrors + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // ConsentEvaluation: The detailed evaluation of a particular Consent. type ConsentEvaluation struct { // EvaluationResult: The evaluation result. @@ -1181,6 +1554,45 @@ func (s ConsentEvaluation) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// ConsentHeaderHandling: How the server handles the consent header. +type ConsentHeaderHandling struct { + // Profile: Optional. Specifies the default server behavior when the header is + // empty. If not specified, the `ScopeProfile.PERMIT_EMPTY_SCOPE` option is + // used. + // + // Possible values: + // "SCOPE_PROFILE_UNSPECIFIED" - If not specified, the default value + // `PERMIT_EMPTY_SCOPE` is used. + // "PERMIT_EMPTY_SCOPE" - When no consent scopes are provided (for example, + // if there's an empty or missing header), then consent check is disabled, + // similar to when `access_enforced` is `false`. You can use audit logs to + // differentiate these two cases by looking at the value of + // `protopayload.metadata.consentMode`. If consents scopes are present, they + // must be valid and within the allowed limits, otherwise the request will be + // rejected with a `4xx` code. + // "REQUIRED_ON_READ" - The consent header must be non-empty when performing + // read and search operations, otherwise the request is rejected with a `4xx` + // code. Additionally, invalid consent scopes or scopes exceeding the allowed + // limits are rejected. + Profile string `json:"profile,omitempty"` + // ForceSendFields is a list of field names (e.g. "Profile") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Profile") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConsentHeaderHandling) MarshalJSON() ([]byte, error) { + type NoMethod ConsentHeaderHandling + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // ConsentList: List of resource names of Consent resources. type ConsentList struct { // Consents: The resource names of the Consents to evaluate against, of the @@ -2001,6 +2413,130 @@ func (s EvaluateUserConsentsResponse) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// ExplainDataAccessConsentInfo: The enforcing consent's metadata. +type ExplainDataAccessConsentInfo struct { + // CascadeOrigins: The compartment base resources that matched a cascading + // policy. Each resource has the following format: + // `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStor + // es/{fhir_store_id}/fhir/{resource_type}/{resource_id}` + CascadeOrigins []string `json:"cascadeOrigins,omitempty"` + // ConsentResource: The resource name of this consent resource, in the format: + // `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/ + // {fhir_store_id}/fhir/Consent/{resource_id}`. + ConsentResource string `json:"consentResource,omitempty"` + // EnforcementTime: Last enforcement timestamp of this consent resource. + EnforcementTime string `json:"enforcementTime,omitempty"` + // MatchingAccessorScopes: A list of all the matching accessor scopes of this + // consent policy that enforced ExplainDataAccessConsentScope.accessor_scope. + MatchingAccessorScopes []*ConsentAccessorScope `json:"matchingAccessorScopes,omitempty"` + // PatientConsentOwner: The patient owning the consent (only applicable for + // patient consents), in the format: + // `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStor + // es/{fhir_store_id}/fhir/Patient/{patient_id}` + PatientConsentOwner string `json:"patientConsentOwner,omitempty"` + // Type: The policy type of consent resource (e.g. PATIENT, ADMIN). + // + // Possible values: + // "CONSENT_POLICY_TYPE_UNSPECIFIED" - Unspecified policy type. + // "CONSENT_POLICY_TYPE_PATIENT" - Consent represent a patient consent. + // "CONSENT_POLICY_TYPE_ADMIN" - Consent represent an admin consent. + Type string `json:"type,omitempty"` + // Variants: The consent's variant combinations. A single consent may have + // multiple variants. + // + // Possible values: + // "CONSENT_VARIANT_UNSPECIFIED" - Consent variant unspecified. + // "CONSENT_VARIANT_STANDARD" - Consent is a standard patient or admin + // consent. + // "CONSENT_VARIANT_CASCADE" - Consent is a cascading consent. + Variants []string `json:"variants,omitempty"` + // ForceSendFields is a list of field names (e.g. "CascadeOrigins") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CascadeOrigins") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ExplainDataAccessConsentInfo) MarshalJSON() ([]byte, error) { + type NoMethod ExplainDataAccessConsentInfo + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ExplainDataAccessConsentScope: A single consent scope that provides info on +// who has access to the requested resource scope for a particular purpose and +// environment, enforced by which consent. +type ExplainDataAccessConsentScope struct { + // AccessorScope: The accessor scope that describes who can access, for what + // purpose, and in which environment. + AccessorScope *ConsentAccessorScope `json:"accessorScope,omitempty"` + // Decision: Whether the current consent scope is permitted or denied access on + // the requested resource. + // + // Possible values: + // "CONSENT_DECISION_TYPE_UNSPECIFIED" - Unspecified consent decision type. + // "CONSENT_DECISION_TYPE_PERMIT" - Consent permitted access. + // "CONSENT_DECISION_TYPE_DENY" - Consent denied access. + Decision string `json:"decision,omitempty"` + // EnforcingConsents: Metadata of the consent resources that enforce the + // consent scope's access. + EnforcingConsents []*ExplainDataAccessConsentInfo `json:"enforcingConsents,omitempty"` + // Exceptions: Other consent scopes that created exceptions within this scope. + Exceptions []*ExplainDataAccessConsentScope `json:"exceptions,omitempty"` + // ForceSendFields is a list of field names (e.g. "AccessorScope") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AccessorScope") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ExplainDataAccessConsentScope) MarshalJSON() ([]byte, error) { + type NoMethod ExplainDataAccessConsentScope + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ExplainDataAccessResponse: List of consent scopes that are applicable to the +// explained access on a given resource. +type ExplainDataAccessResponse struct { + // ConsentScopes: List of applicable consent scopes. Sorted in order of actor + // such that scopes belonging to the same actor will be adjacent to each other + // in the list. + ConsentScopes []*ExplainDataAccessConsentScope `json:"consentScopes,omitempty"` + // Warning: Warnings associated with this response. It inform user with + // exceeded scope limit errors. + Warning string `json:"warning,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "ConsentScopes") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ConsentScopes") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ExplainDataAccessResponse) MarshalJSON() ([]byte, error) { + type NoMethod ExplainDataAccessResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // ExportDicomDataRequest: Exports data from the specified DICOM store. If a // given resource, such as a DICOM object with the same SOPInstance UID, // already exists in the output, it is overwritten with the version in the @@ -2377,6 +2913,10 @@ type FhirStore struct { // "DISABLED" - References in complex data types are ignored. // "ENABLED" - References in complex data types are parsed. ComplexDataTypeReferenceParsing string `json:"complexDataTypeReferenceParsing,omitempty"` + // ConsentConfig: Optional. Specifies whether this store has consent + // enforcement. Not available for DSTU2 FHIR version due to absence of Consent + // resources. + ConsentConfig *ConsentConfig `json:"consentConfig,omitempty"` // DefaultSearchHandlingStrict: Optional. If true, overrides the default search // behavior for this FHIR store to `handling=strict` which returns an error for // unrecognized search parameters. If false, uses the FHIR specification @@ -4362,6 +4902,30 @@ func (s PatientId) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// PatientScope: Apply consents given by a list of patients. +type PatientScope struct { + // PatientIds: Optional. The list of patient IDs whose Consent resources will + // be enforced. At most 10,000 patients can be specified. An empty list is + // equivalent to all patients (meaning the entire FHIR store). + PatientIds []string `json:"patientIds,omitempty"` + // ForceSendFields is a list of field names (e.g. "PatientIds") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "PatientIds") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PatientScope) MarshalJSON() ([]byte, error) { + type NoMethod PatientScope + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // Policy: An Identity and Access Management (IAM) policy, which specifies // access controls for Google Cloud resources. A `Policy` is a collection of // `bindings`. A `binding` binds one or more `members`, or principals, to a @@ -5641,6 +6205,37 @@ func (s TimePartitioning) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// TimeRange: Apply consents given by patients whose most recent consent +// changes are in the time range. Note that after identifying these patients, +// the server applies all Consent resources given by those patients, not just +// the Consent resources within the timestamp in the range. +type TimeRange struct { + // End: Optional. The latest consent change time, in format + // YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the time + // when ApplyConsents was called. + End string `json:"end,omitempty"` + // Start: Optional. The earliest consent change time, in format + // YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the FHIR + // store creation time. + Start string `json:"start,omitempty"` + // ForceSendFields is a list of field names (e.g. "End") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "End") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s TimeRange) MarshalJSON() ([]byte, error) { + type NoMethod TimeRange + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // Type: A type definition for some HL7v2 type (incl. Segments and Datatypes). type Type struct { // Fields: The (sub) fields this type has (if not primitive). @@ -15477,12 +16072,245 @@ func (c *ProjectsLocationsDatasetsDicomStoresStudiesSeriesInstancesFramesRetriev return c.doRequest("") } -type ProjectsLocationsDatasetsFhirStoresCreateCall struct { - s *Service - parent string - fhirstore *FhirStore - urlParams_ gensupport.URLParams - ctx_ context.Context +type ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall struct { + s *Service + name string + applyadminconsentsrequest *ApplyAdminConsentsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// ApplyAdminConsents: Applies the admin Consent resources for the FHIR store +// and reindexes the underlying resources in the FHIR store according to the +// aggregate consents. This method also updates the +// `consent_config.enforced_admin_consents` field of the FhirStore unless +// `validate_only=true` in ApplyAdminConsentsRequest. Any admin Consent +// resource change after this operation execution (including deletion) requires +// you to call ApplyAdminConsents again for the change to take effect. This +// method returns an Operation that can be used to track the progress of the +// resources that were reindexed, by calling GetOperation. Upon completion, the +// ApplyAdminConsentsResponse additionally contains the number of resources +// that were reindexed. If at least one Consent resource contains an error or +// fails be be enforced for any reason, the method returns an error instead of +// an Operation. No resources will be reindexed and the +// `consent_config.enforced_admin_consents` field will be unchanged. To enforce +// a consent check for data access, `consent_config.access_enforced` must be +// set to true for the FhirStore. +// +// - name: The name of the FHIR store to enforce, in the format +// `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirSt +// ores/{fhir_store_id}`. +func (r *ProjectsLocationsDatasetsFhirStoresService) ApplyAdminConsents(name string, applyadminconsentsrequest *ApplyAdminConsentsRequest) *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall { + c := &ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.applyadminconsentsrequest = applyadminconsentsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall) Fields(s ...googleapi.Field) *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall) Context(ctx context.Context) *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.applyadminconsentsrequest) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:applyAdminConsents") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "healthcare.projects.locations.datasets.fhirStores.applyAdminConsents" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsDatasetsFhirStoresApplyAdminConsentsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsDatasetsFhirStoresApplyConsentsCall struct { + s *Service + name string + applyconsentsrequest *ApplyConsentsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// ApplyConsents: Apply the Consent resources for the FHIR store and reindex +// the underlying resources in the FHIR store according to the aggregate +// consent. The aggregate consent of the patient in scope in this request +// replaces any previous call of this method. Any Consent resource change after +// this operation execution (including deletion) requires you to call +// ApplyConsents again to have effect. This method returns an Operation that +// can be used to track the progress of the consent resources that were +// processed by calling GetOperation. Upon completion, the +// ApplyConsentsResponse additionally contains the number of resources that was +// reindexed. Errors are logged to Cloud Logging (see Viewing error logs in +// Cloud Logging (https://cloud.google.com/healthcare/docs/how-tos/logging)). +// To enforce consent check for data access, `consent_config.access_enforced` +// must be set to true for the FhirStore. +// +// - name: The name of the FHIR store to enforce, in the format +// `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirSt +// ores/{fhir_store_id}`. +func (r *ProjectsLocationsDatasetsFhirStoresService) ApplyConsents(name string, applyconsentsrequest *ApplyConsentsRequest) *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall { + c := &ProjectsLocationsDatasetsFhirStoresApplyConsentsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.applyconsentsrequest = applyconsentsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall) Fields(s ...googleapi.Field) *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall) Context(ctx context.Context) *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.applyconsentsrequest) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:applyConsents") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "healthcare.projects.locations.datasets.fhirStores.applyConsents" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsDatasetsFhirStoresApplyConsentsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsDatasetsFhirStoresCreateCall struct { + s *Service + parent string + fhirstore *FhirStore + urlParams_ gensupport.URLParams + ctx_ context.Context header_ http.Header } @@ -15790,6 +16618,124 @@ func (c *ProjectsLocationsDatasetsFhirStoresDeleteCall) Do(opts ...googleapi.Cal return ret, nil } +type ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// ExplainDataAccess: Explains all the permitted/denied actor, purpose and +// environment for a given resource. +// +// - name: The name of the FHIR store to enforce, in the format +// `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirSt +// ores/{fhir_store_id}`. +func (r *ProjectsLocationsDatasetsFhirStoresService) ExplainDataAccess(name string) *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall { + c := &ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// ResourceId sets the optional parameter "resourceId": Required. The ID +// (`{resourceType}/{id}`) of the resource to explain data access on. +func (c *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall) ResourceId(resourceId string) *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall { + c.urlParams_.Set("resourceId", resourceId) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall) Fields(s ...googleapi.Field) *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall) IfNoneMatch(entityTag string) *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall) Context(ctx context.Context) *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:explainDataAccess") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "healthcare.projects.locations.datasets.fhirStores.explainDataAccess" call. +// Any non-2xx status code is an error. Response headers are in either +// *ExplainDataAccessResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsDatasetsFhirStoresExplainDataAccessCall) Do(opts ...googleapi.CallOption) (*ExplainDataAccessResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ExplainDataAccessResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + type ProjectsLocationsDatasetsFhirStoresExportCall struct { s *Service name string @@ -17370,6 +18316,189 @@ func (c *ProjectsLocationsDatasetsFhirStoresFhirBinaryVreadCall) Do(opts ...goog return c.doRequest("") } +type ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// ConsentEnforcementStatus: Returns the consent enforcement status of a single +// consent resource. On success, the response body contains a JSON-encoded +// representation of a `Parameters` (http://hl7.org/fhir/parameters.html) FHIR +// resource, containing the current enforcement status. Does not support DSTU2. +// +// - name: The name of the consent resource to find enforcement status, in the +// format +// `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirSt +// ores/{fhir_store_id}/fhir/Consent/{consent_id}`. +func (r *ProjectsLocationsDatasetsFhirStoresFhirService) ConsentEnforcementStatus(name string) *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall { + c := &ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall) Fields(s ...googleapi.Field) *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall) IfNoneMatch(entityTag string) *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall) Context(ctx context.Context) *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/$consent-enforcement-status") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "healthcare.projects.locations.datasets.fhirStores.fhir.Consent-enforcement-status" call. +func (c *ProjectsLocationsDatasetsFhirStoresFhirConsentEnforcementStatusCall) Do(opts ...googleapi.CallOption) (*http.Response, error) { + gensupport.SetOptions(c.urlParams_, opts...) + return c.doRequest("") +} + +type ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// PatientConsentEnforcementStatus: Returns the consent enforcement status of +// all consent resources for a patient. On success, the response body contains +// a JSON-encoded representation of a bundle of `Parameters` +// (http://hl7.org/fhir/parameters.html) FHIR resources, containing the current +// enforcement status for each consent resource of the patient. Does not +// support DSTU2. +// +// - name: The name of the patient to find enforcement statuses, in the format +// `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirSt +// ores/{fhir_store_id}/fhir/Patient/{patient_id}`. +func (r *ProjectsLocationsDatasetsFhirStoresFhirService) PatientConsentEnforcementStatus(name string) *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall { + c := &ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Count sets the optional parameter "_count": The maximum number of results on +// a page. If not specified, 100 is used. May not be larger than 1000. +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) Count(Count int64) *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall { + c.urlParams_.Set("_count", fmt.Sprint(Count)) + return c +} + +// PageToken sets the optional parameter "_page_token": Used to retrieve the +// first, previous, next, or last page of consent enforcement statuses when +// using pagination. Value should be set to the value of `_page_token` set in +// next or previous page links' URLs. Next and previous page are returned in +// the response bundle's links field, where `link.relation` is "previous" or +// "next". Omit `_page_token` if no previous request has been made. +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) PageToken(PageToken string) *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall { + c.urlParams_.Set("_page_token", PageToken) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) Fields(s ...googleapi.Field) *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) IfNoneMatch(entityTag string) *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) Context(ctx context.Context) *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/$consent-enforcement-status") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "healthcare.projects.locations.datasets.fhirStores.fhir.Patient-consent-enforcement-status" call. +func (c *ProjectsLocationsDatasetsFhirStoresFhirPatientConsentEnforcementStatusCall) Do(opts ...googleapi.CallOption) (*http.Response, error) { + gensupport.SetOptions(c.urlParams_, opts...) + return c.doRequest("") +} + type ProjectsLocationsDatasetsFhirStoresFhirPatientEverythingCall struct { s *Service name string diff --git a/healthcare/v1beta1/healthcare-api.json b/healthcare/v1beta1/healthcare-api.json index 5d1c4964286..52812ea4df9 100644 --- a/healthcare/v1beta1/healthcare-api.json +++ b/healthcare/v1beta1/healthcare-api.json @@ -5858,7 +5858,7 @@ } } }, - "revision": "20241115", + "revision": "20241205", "rootUrl": "https://healthcare.googleapis.com/", "schemas": { "AccessDeterminationLogConfig": { @@ -8383,6 +8383,10 @@ "description": "The configuration for exporting to BigQuery.", "id": "GoogleCloudHealthcareV1beta1FhirBigQueryDestination", "properties": { + "changeDataCaptureConfig": { + "$ref": "GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig", + "description": "Optional. Setting this field will enable BigQuery's Change Data Capture (CDC) on the destination tables. Use this field if you: - Want to only keep the latest version of each resource. Updates and deletes to an existing resource will overwrite the corresponding row. - Have a store with enabled history modifications and want to keep the entire history of resource versions but want the history to be mutable. Updates and deletes to a specific resource version will overwrite the corresponding row. See https://cloud.google.com/bigquery/docs/change-data-capture for details." + }, "datasetUri": { "description": "BigQuery URI to an existing dataset, up to 2000 characters long, in the format `bq://projectId.bqDatasetId`.", "type": "string" @@ -8414,6 +8418,27 @@ }, "type": "object" }, + "GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig": { + "description": "BigQuery Change Data Capture configuration.", + "id": "GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig", + "properties": { + "historyMode": { + "description": "Optional. Configures how historical versions of FHIR resources will be reflected in the destination table through updates and deletes. Defaults to `HistoryMode.KEEP_LATEST_VERSION` if unspecified.", + "enum": [ + "HISTORY_MODE_UNSPECIFIED", + "KEEP_LATEST_VERSION", + "KEEP_ALL_VERSIONS" + ], + "enumDescriptions": [ + "Default behavior is the same as KEEP_LATEST_VERSION.", + "The table will have a unique entry for each resource ID. Updates and deletes will overwrite the row matching the resource ID if it exists in the table.", + "Historical versions of resources will be maintained. However, history mutation is allowed. Updates will overwrite the row matching the resource ID and version if it exists in the table. This option is only supported for stores with history enabled." + ], + "type": "string" + } + }, + "type": "object" + }, "GoogleCloudHealthcareV1beta1FhirExportResourcesResponse": { "description": "Response when all resources export successfully. This structure is included in the response to describe the detailed outcome after the operation finishes successfully.", "id": "GoogleCloudHealthcareV1beta1FhirExportResourcesResponse", diff --git a/healthcare/v1beta1/healthcare-gen.go b/healthcare/v1beta1/healthcare-gen.go index ef8812e0b4e..3e88f4ccdc5 100644 --- a/healthcare/v1beta1/healthcare-gen.go +++ b/healthcare/v1beta1/healthcare-gen.go @@ -4439,6 +4439,15 @@ func (s GoogleCloudHealthcareV1beta1DicomStreamConfig) MarshalJSON() ([]byte, er // GoogleCloudHealthcareV1beta1FhirBigQueryDestination: The configuration for // exporting to BigQuery. type GoogleCloudHealthcareV1beta1FhirBigQueryDestination struct { + // ChangeDataCaptureConfig: Optional. Setting this field will enable BigQuery's + // Change Data Capture (CDC) on the destination tables. Use this field if you: + // - Want to only keep the latest version of each resource. Updates and deletes + // to an existing resource will overwrite the corresponding row. - Have a store + // with enabled history modifications and want to keep the entire history of + // resource versions but want the history to be mutable. Updates and deletes to + // a specific resource version will overwrite the corresponding row. See + // https://cloud.google.com/bigquery/docs/change-data-capture for details. + ChangeDataCaptureConfig *GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig `json:"changeDataCaptureConfig,omitempty"` // DatasetUri: BigQuery URI to an existing dataset, up to 2000 characters long, // in the format `bq://projectId.bqDatasetId`. DatasetUri string `json:"datasetUri,omitempty"` @@ -4461,15 +4470,15 @@ type GoogleCloudHealthcareV1beta1FhirBigQueryDestination struct { // before writing the FHIR resources. // "WRITE_APPEND" - Append data to the destination tables. WriteDisposition string `json:"writeDisposition,omitempty"` - // ForceSendFields is a list of field names (e.g. "DatasetUri") to + // ForceSendFields is a list of field names (e.g. "ChangeDataCaptureConfig") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "DatasetUri") to include in API - // requests with the JSON null value. By default, fields with empty values are - // omitted from API requests. See + // NullFields is a list of field names (e.g. "ChangeDataCaptureConfig") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } @@ -4479,6 +4488,42 @@ func (s GoogleCloudHealthcareV1beta1FhirBigQueryDestination) MarshalJSON() ([]by return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig: BigQuery Change +// Data Capture configuration. +type GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig struct { + // HistoryMode: Optional. Configures how historical versions of FHIR resources + // will be reflected in the destination table through updates and deletes. + // Defaults to `HistoryMode.KEEP_LATEST_VERSION` if unspecified. + // + // Possible values: + // "HISTORY_MODE_UNSPECIFIED" - Default behavior is the same as + // KEEP_LATEST_VERSION. + // "KEEP_LATEST_VERSION" - The table will have a unique entry for each + // resource ID. Updates and deletes will overwrite the row matching the + // resource ID if it exists in the table. + // "KEEP_ALL_VERSIONS" - Historical versions of resources will be maintained. + // However, history mutation is allowed. Updates will overwrite the row + // matching the resource ID and version if it exists in the table. This option + // is only supported for stores with history enabled. + HistoryMode string `json:"historyMode,omitempty"` + // ForceSendFields is a list of field names (e.g. "HistoryMode") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "HistoryMode") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig) MarshalJSON() ([]byte, error) { + type NoMethod GoogleCloudHealthcareV1beta1FhirChangeDataCaptureConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // GoogleCloudHealthcareV1beta1FhirExportResourcesResponse: Response when all // resources export successfully. This structure is included in the response to // describe the detailed outcome after the operation finishes successfully. diff --git a/merchantapi/products_v1beta/merchantapi-api.json b/merchantapi/products_v1beta/merchantapi-api.json index df21a80773d..89bba4e883e 100644 --- a/merchantapi/products_v1beta/merchantapi-api.json +++ b/merchantapi/products_v1beta/merchantapi-api.json @@ -242,7 +242,7 @@ } } }, - "revision": "20241119", + "revision": "20241211", "rootUrl": "https://merchantapi.googleapis.com/", "schemas": { "Attributes": { @@ -652,7 +652,7 @@ "description": "Number of periods (months or years) and amount of payment per period for an item with an associated subscription contract." }, "taxCategory": { - "description": "The tax category of the product, used to configure detailed tax nexus in account-level tax settings.", + "description": "The tax category of the product.", "type": "string" }, "taxes": { diff --git a/merchantapi/products_v1beta/merchantapi-gen.go b/merchantapi/products_v1beta/merchantapi-gen.go index a002eb34b72..7807f0fb601 100644 --- a/merchantapi/products_v1beta/merchantapi-gen.go +++ b/merchantapi/products_v1beta/merchantapi-gen.go @@ -434,8 +434,7 @@ type Attributes struct { // SubscriptionCost: Number of periods (months or years) and amount of payment // per period for an item with an associated subscription contract. SubscriptionCost *SubscriptionCost `json:"subscriptionCost,omitempty"` - // TaxCategory: The tax category of the product, used to configure detailed tax - // nexus in account-level tax settings. + // TaxCategory: The tax category of the product. TaxCategory string `json:"taxCategory,omitempty"` // Taxes: Tax information. Taxes []*Tax `json:"taxes,omitempty"` diff --git a/oslogin/v1alpha/oslogin-api.json b/oslogin/v1alpha/oslogin-api.json index 8b530003c7a..6795614f6ca 100644 --- a/oslogin/v1alpha/oslogin-api.json +++ b/oslogin/v1alpha/oslogin-api.json @@ -206,7 +206,7 @@ "type": "string" }, "regions": { - "description": "Optional. The regions to which to assert that the key was written. If unspecified, defaults to all regions. Regions are listed at https://cloud.google.com/about/locations#region.", + "description": "Optional. The regions to wait for a POSIX account to be written to before returning a response. If unspecified, defaults to all regions. Regions are listed at https://cloud.google.com/about/locations#region.", "location": "query", "repeated": true, "type": "string" @@ -477,7 +477,7 @@ } } }, - "revision": "20240609", + "revision": "20241208", "rootUrl": "https://oslogin.googleapis.com/", "schemas": { "Empty": { diff --git a/oslogin/v1alpha/oslogin-gen.go b/oslogin/v1alpha/oslogin-gen.go index aff6e2a2d23..36ce8fcdb98 100644 --- a/oslogin/v1alpha/oslogin-gen.go +++ b/oslogin/v1alpha/oslogin-gen.go @@ -687,9 +687,10 @@ func (c *UsersImportSshPublicKeyCall) ProjectId(projectId string) *UsersImportSs return c } -// Regions sets the optional parameter "regions": The regions to which to -// assert that the key was written. If unspecified, defaults to all regions. -// Regions are listed at https://cloud.google.com/about/locations#region. +// Regions sets the optional parameter "regions": The regions to wait for a +// POSIX account to be written to before returning a response. If unspecified, +// defaults to all regions. Regions are listed at +// https://cloud.google.com/about/locations#region. func (c *UsersImportSshPublicKeyCall) Regions(regions ...string) *UsersImportSshPublicKeyCall { c.urlParams_.SetMulti("regions", append([]string{}, regions...)) return c diff --git a/parallelstore/v1/parallelstore-api.json b/parallelstore/v1/parallelstore-api.json index ce850623821..f0e40059bbb 100644 --- a/parallelstore/v1/parallelstore-api.json +++ b/parallelstore/v1/parallelstore-api.json @@ -14,7 +14,7 @@ "canonicalName": "Parallelstore", "description": "", "discoveryVersion": "v1", - "documentationLink": "https://cloud.google.com/", + "documentationLink": "https://cloud.google.com/parallelstore", "fullyEncodeReservedExpansion": true, "icons": { "x16": "http://www.google.com/images/icons/product/search-16.gif", @@ -543,7 +543,7 @@ } } }, - "revision": "20241115", + "revision": "20241204", "rootUrl": "https://parallelstore.googleapis.com/", "schemas": { "CancelOperationRequest": { diff --git a/parallelstore/v1/parallelstore-gen.go b/parallelstore/v1/parallelstore-gen.go index 5a8dd04ed54..e465f797211 100644 --- a/parallelstore/v1/parallelstore-gen.go +++ b/parallelstore/v1/parallelstore-gen.go @@ -6,7 +6,7 @@ // Package parallelstore provides access to the Parallelstore API. // -// For product documentation, see: https://cloud.google.com/ +// For product documentation, see: https://cloud.google.com/parallelstore // // # Library status // diff --git a/parallelstore/v1beta/parallelstore-api.json b/parallelstore/v1beta/parallelstore-api.json index 6c0f2cca041..2472fcdcdab 100644 --- a/parallelstore/v1beta/parallelstore-api.json +++ b/parallelstore/v1beta/parallelstore-api.json @@ -14,7 +14,7 @@ "canonicalName": "Parallelstore", "description": "", "discoveryVersion": "v1", - "documentationLink": "https://cloud.google.com/", + "documentationLink": "https://cloud.google.com/parallelstore", "fullyEncodeReservedExpansion": true, "icons": { "x16": "http://www.google.com/images/icons/product/search-16.gif", @@ -540,7 +540,7 @@ } } }, - "revision": "20241115", + "revision": "20241204", "rootUrl": "https://parallelstore.googleapis.com/", "schemas": { "DestinationGcsBucket": { diff --git a/parallelstore/v1beta/parallelstore-gen.go b/parallelstore/v1beta/parallelstore-gen.go index 9af8fca1a27..b0c4dd8f6a0 100644 --- a/parallelstore/v1beta/parallelstore-gen.go +++ b/parallelstore/v1beta/parallelstore-gen.go @@ -6,7 +6,7 @@ // Package parallelstore provides access to the Parallelstore API. // -// For product documentation, see: https://cloud.google.com/ +// For product documentation, see: https://cloud.google.com/parallelstore // // # Library status // diff --git a/recaptchaenterprise/v1/recaptchaenterprise-api.json b/recaptchaenterprise/v1/recaptchaenterprise-api.json index 4e2f5db32e5..86ff171d3f9 100644 --- a/recaptchaenterprise/v1/recaptchaenterprise-api.json +++ b/recaptchaenterprise/v1/recaptchaenterprise-api.json @@ -786,7 +786,7 @@ } } }, - "revision": "20241027", + "revision": "20241208", "rootUrl": "https://recaptchaenterprise.googleapis.com/", "schemas": { "GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment": { @@ -1175,9 +1175,9 @@ "DISABLED" ], "enumDescriptions": [ - "Default, unspecified setting. If opted in for automatic detection, `fraud_prevention_assessment` is returned based on the request. Otherwise, `fraud_prevention_assessment` is returned if `transaction_data` is present in the `Event` and Fraud Prevention is enabled in the Google Cloud console.", + "Default, unspecified setting. `fraud_prevention_assessment` is returned if `transaction_data` is present in `Event` and Fraud Prevention is enabled in the Google Cloud console.", "Enable Fraud Prevention for this assessment, if Fraud Prevention is enabled in the Google Cloud console.", - "Disable Fraud Prevention for this assessment, regardless of opt-in status or Google Cloud console settings." + "Disable Fraud Prevention for this assessment, regardless of Google Cloud console settings." ], "type": "string" }, diff --git a/recaptchaenterprise/v1/recaptchaenterprise-gen.go b/recaptchaenterprise/v1/recaptchaenterprise-gen.go index 0c9b80e81ca..cefc0ea14df 100644 --- a/recaptchaenterprise/v1/recaptchaenterprise-gen.go +++ b/recaptchaenterprise/v1/recaptchaenterprise-gen.go @@ -692,15 +692,13 @@ type GoogleCloudRecaptchaenterpriseV1Event struct { // FraudPrevention: Optional. The Fraud Prevention setting for this assessment. // // Possible values: - // "FRAUD_PREVENTION_UNSPECIFIED" - Default, unspecified setting. If opted in - // for automatic detection, `fraud_prevention_assessment` is returned based on - // the request. Otherwise, `fraud_prevention_assessment` is returned if - // `transaction_data` is present in the `Event` and Fraud Prevention is enabled - // in the Google Cloud console. + // "FRAUD_PREVENTION_UNSPECIFIED" - Default, unspecified setting. + // `fraud_prevention_assessment` is returned if `transaction_data` is present + // in `Event` and Fraud Prevention is enabled in the Google Cloud console. // "ENABLED" - Enable Fraud Prevention for this assessment, if Fraud // Prevention is enabled in the Google Cloud console. // "DISABLED" - Disable Fraud Prevention for this assessment, regardless of - // opt-in status or Google Cloud console settings. + // Google Cloud console settings. FraudPrevention string `json:"fraudPrevention,omitempty"` // HashedAccountId: Optional. Deprecated: use `user_info.account_id` instead. // Unique stable hashed user identifier for the request. The identifier must be diff --git a/secretmanager/v1beta1/secretmanager-api.json b/secretmanager/v1beta1/secretmanager-api.json index 2179374cb6a..3028bf715b2 100644 --- a/secretmanager/v1beta1/secretmanager-api.json +++ b/secretmanager/v1beta1/secretmanager-api.json @@ -710,7 +710,7 @@ } } }, - "revision": "20240726", + "revision": "20241209", "rootUrl": "https://secretmanager.googleapis.com/", "schemas": { "AccessSecretVersionResponse": { @@ -1144,7 +1144,7 @@ "type": "object" }, "UserManaged": { - "description": "A replication policy that replicates the Secret payload into the locations specified in Secret.replication.user_managed.replicas", + "description": "A replication policy that replicates the Secret payload into the locations specified in Replication.UserManaged.replicas", "id": "UserManaged", "properties": { "replicas": { diff --git a/secretmanager/v1beta1/secretmanager-gen.go b/secretmanager/v1beta1/secretmanager-gen.go index 765784f44ce..db561f3ba98 100644 --- a/secretmanager/v1beta1/secretmanager-gen.go +++ b/secretmanager/v1beta1/secretmanager-gen.go @@ -962,7 +962,7 @@ func (s TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { } // UserManaged: A replication policy that replicates the Secret payload into -// the locations specified in Secret.replication.user_managed.replicas +// the locations specified in Replication.UserManaged.replicas type UserManaged struct { // Replicas: Required. The list of Replicas for this Secret. Cannot be empty. Replicas []*Replica `json:"replicas,omitempty"` diff --git a/sqladmin/v1/sqladmin-api.json b/sqladmin/v1/sqladmin-api.json index f4ca98ac472..ec6c5a8c032 100644 --- a/sqladmin/v1/sqladmin-api.json +++ b/sqladmin/v1/sqladmin-api.json @@ -1193,7 +1193,7 @@ ], "parameters": { "failover": { - "description": "Set to true to invoke a replica failover to the designated DR replica. As part of replica failover, the promote operation attempts to add the original primary instance as a replica of the promoted DR replica when the original primary instance comes back online. If set to false or not specified, then the original primary instance becomes an independent Cloud SQL primary instance. Only applicable to MySQL.", + "description": "Set to true to invoke a replica failover to the DR replica. As part of replica failover, the promote operation attempts to add the original primary instance as a replica of the promoted DR replica when the original primary instance comes back online. If set to false or not specified, then the original primary instance becomes an independent Cloud SQL primary instance.", "location": "query", "type": "boolean" }, @@ -1485,7 +1485,7 @@ ] }, "switchover": { - "description": "Switches over from the primary instance to the designated DR replica instance.", + "description": "Switches over from the primary instance to the DR replica instance.", "flatPath": "v1/projects/{project}/instances/{instance}/switchover", "httpMethod": "POST", "id": "sql.instances.switchover", @@ -1495,7 +1495,7 @@ ], "parameters": { "dbTimeout": { - "description": "Optional. (MySQL only) Cloud SQL instance operations timeout, which is a sum of all database operations. Default value is 10 minutes and can be modified to a maximum value of 24 hours.", + "description": "Optional. (MySQL and PostgreSQL only) Cloud SQL instance operations timeout, which is a sum of all database operations. Default value is 10 minutes and can be modified to a maximum value of 24 hours.", "format": "google-duration", "location": "query", "type": "string" @@ -2366,7 +2366,7 @@ } } }, - "revision": "20241108", + "revision": "20241204", "rootUrl": "https://sqladmin.googleapis.com/", "schemas": { "AclEntry": { @@ -2856,6 +2856,13 @@ ], "type": "string" }, + "customSubjectAlternativeNames": { + "description": "Custom subject alternative names for the server certificate.", + "items": { + "type": "string" + }, + "type": "array" + }, "databaseVersion": { "description": "The database engine type and version. The `databaseVersion` field cannot be changed after instance creation. MySQL instances: `MYSQL_8_0`, `MYSQL_5_7` (default), or `MYSQL_5_6`. PostgreSQL instances: `POSTGRES_9_6`, `POSTGRES_10`, `POSTGRES_11`, `POSTGRES_12` (default), `POSTGRES_13`, or `POSTGRES_14`. SQL Server instances: `SQLSERVER_2017_STANDARD` (default), `SQLSERVER_2017_ENTERPRISE`, `SQLSERVER_2017_EXPRESS`, `SQLSERVER_2017_WEB`, `SQLSERVER_2019_STANDARD`, `SQLSERVER_2019_ENTERPRISE`, `SQLSERVER_2019_EXPRESS`, or `SQLSERVER_2019_WEB`.", "enum": [ @@ -3448,7 +3455,7 @@ }, "replicationCluster": { "$ref": "ReplicationCluster", - "description": "Optional. A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Only applicable to MySQL." + "description": "Optional. A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Applicable to MySQL and PostgreSQL." }, "rootPassword": { "description": "Initial root password. Use only on creation. You must set root passwords before you can connect to PostgreSQL instances.", @@ -3559,6 +3566,13 @@ "description": "Input only. Whether Cloud SQL is enabled to switch storing point-in-time recovery log files from a data disk to Cloud Storage.", "type": "boolean" }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Input only. Immutable. Tag keys and tag values that are bound to this instance. You must represent each item in the map as: `\"\" : \"\"`. For example, a single resource can have the following tags: ``` \"123/environment\": \"production\", \"123/costCenter\": \"marketing\", ``` For more information on tag creation and management, see https://cloud.google.com/resource-manager/docs/tags/tags-overview.", + "type": "object" + }, "upgradableDatabaseVersions": { "description": "Output only. All database versions that are available for upgrade.", "items": { @@ -4681,6 +4695,13 @@ }, "type": "array" }, + "customSubjectAlternativeNames": { + "description": "Optional. Custom Subject Alternative Name(SAN)s for a Cloud SQL instance.", + "items": { + "type": "string" + }, + "type": "array" + }, "enablePrivatePathForGoogleCloudServices": { "description": "Controls connectivity to private IP instances from Google services, such as BigQuery.", "type": "boolean" @@ -4706,15 +4727,21 @@ "enum": [ "CA_MODE_UNSPECIFIED", "GOOGLE_MANAGED_INTERNAL_CA", - "GOOGLE_MANAGED_CAS_CA" + "GOOGLE_MANAGED_CAS_CA", + "CUSTOMER_MANAGED_CAS_CA" ], "enumDescriptions": [ "CA mode is unspecified. It is effectively the same as `GOOGLE_MANAGED_INTERNAL_CA`.", "Google-managed self-signed internal CA.", - "Google-managed regional CA part of root CA hierarchy hosted on Google Cloud's Certificate Authority Service (CAS)." + "Google-managed regional CA part of root CA hierarchy hosted on Google Cloud's Certificate Authority Service (CAS).", + "Customer-managed CA hosted on Google Cloud's Certificate Authority Service (CAS)." ], "type": "string" }, + "serverCaPool": { + "description": "Optional. The resource name of the server CA pool for an instance with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`. Format: projects//locations//caPools/", + "type": "string" + }, "sslMode": { "description": "Specify how SSL/TLS is enforced in database connections. If you must use the `require_ssl` flag for backward compatibility, then only the following value pairs are valid: For PostgreSQL and MySQL: * `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=false` * `ssl_mode=TRUSTED_CLIENT_CERTIFICATE_REQUIRED` and `require_ssl=true` For SQL Server: * `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=true` The value of `ssl_mode` has priority over the value of `require_ssl`. For example, for the pair `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=false`, `ssl_mode=ENCRYPTED_ONLY` means accept only SSL connections, while `require_ssl=false` means accept both non-SSL and SSL connections. In this case, MySQL and PostgreSQL databases respect `ssl_mode` and accepts only SSL connections.", "enum": [ @@ -5184,6 +5211,10 @@ ], "type": "string" }, + "subOperationType": { + "$ref": "SqlSubOperationType", + "description": "Optional. The sub operation based on the operation type." + }, "targetId": { "description": "Name of the database instance related to this operation.", "type": "string" @@ -5249,7 +5280,7 @@ "type": "string" }, "cancelRequested": { - "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have google.longrunning.Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "readOnly": true, "type": "boolean" }, @@ -5456,7 +5487,7 @@ "type": "object" }, "ReplicationCluster": { - "description": "A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Only applicable to MySQL.", + "description": "A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Applicable to MySQL and PostgreSQL.", "id": "ReplicationCluster", "properties": { "drReplica": { @@ -5469,7 +5500,7 @@ "type": "string" }, "psaWriteEndpoint": { - "description": "Output only. If set, it indicates this instance has a private service access (PSA) dns endpoint that is pointing to the primary instance of the cluster. If this instance is the primary, the dns should be pointing to this instance. After Switchover or Replica failover, this DNS endpoint points to the promoted instance. This is a read-only field, returned to the user as information. This field can exist even if a standalone instance does not yet have a replica, or had a DR replica that was deleted.", + "description": "Output only. If set, this field indicates this instance has a private service access (PSA) DNS endpoint that is pointing to the primary instance of the cluster. If this instance is the primary, then the DNS endpoint points to this instance. After a switchover or replica failover operation, this DNS endpoint points to the promoted instance. This is a read-only field, returned to the user as information. This field can exist even if a standalone instance doesn't have a DR replica yet or the DR replica is deleted.", "readOnly": true, "type": "string" } @@ -6300,6 +6331,31 @@ }, "type": "object" }, + "SqlSubOperationType": { + "description": "The sub operation type based on the operation type.", + "id": "SqlSubOperationType", + "properties": { + "maintenanceType": { + "description": "The type of maintenance to be performed on the instance.", + "enum": [ + "SQL_MAINTENANCE_TYPE_UNSPECIFIED", + "INSTANCE_MAINTENANCE", + "REPLICA_INCLUDED_MAINTENANCE", + "INSTANCE_SELF_SERVICE_MAINTENANCE", + "REPLICA_INCLUDED_SELF_SERVICE_MAINTENANCE" + ], + "enumDescriptions": [ + "Maintenance type is unspecified.", + "Indicates that a standalone instance is undergoing maintenance. The instance can be either a primary instance or a replica.", + "Indicates that the primary instance and all of its replicas, including cascading replicas, are undergoing maintenance. Maintenance is performed on groups of replicas first, followed by the primary instance.", + "Indicates that the standalone instance is undergoing maintenance, initiated by self-service. The instance can be either a primary instance or a replica.", + "Indicates that the primary instance and all of its replicas are undergoing maintenance, initiated by self-service. Maintenance is performed on groups of replicas first, followed by the primary instance." + ], + "type": "string" + } + }, + "type": "object" + }, "SslCert": { "description": "SslCerts Resource", "id": "SslCert", diff --git a/sqladmin/v1/sqladmin-gen.go b/sqladmin/v1/sqladmin-gen.go index 0a853e49367..ca778b173ef 100644 --- a/sqladmin/v1/sqladmin-gen.go +++ b/sqladmin/v1/sqladmin-gen.go @@ -811,6 +811,9 @@ type ConnectSettings struct { // "SECOND_GEN" - V2 speckle instance. // "EXTERNAL" - On premises instance. BackendType string `json:"backendType,omitempty"` + // CustomSubjectAlternativeNames: Custom subject alternative names for the + // server certificate. + CustomSubjectAlternativeNames []string `json:"customSubjectAlternativeNames,omitempty"` // DatabaseVersion: The database engine type and version. The `databaseVersion` // field cannot be changed after instance creation. MySQL instances: // `MYSQL_8_0`, `MYSQL_5_7` (default), or `MYSQL_5_6`. PostgreSQL instances: @@ -1220,7 +1223,7 @@ type DatabaseInstance struct { // ReplicationCluster: Optional. A primary instance and disaster recovery (DR) // replica pair. A DR replica is a cross-region replica that you designate for // failover in the event that the primary instance experiences regional - // failure. Only applicable to MySQL. + // failure. Applicable to MySQL and PostgreSQL. ReplicationCluster *ReplicationCluster `json:"replicationCluster,omitempty"` // RootPassword: Initial root password. Use only on creation. You must set root // passwords before you can connect to PostgreSQL instances. @@ -1288,6 +1291,13 @@ type DatabaseInstance struct { // enabled to switch storing point-in-time recovery log files from a data disk // to Cloud Storage. SwitchTransactionLogsToCloudStorageEnabled bool `json:"switchTransactionLogsToCloudStorageEnabled,omitempty"` + // Tags: Optional. Input only. Immutable. Tag keys and tag values that are + // bound to this instance. You must represent each item in the map as: "" : + // "". For example, a single resource can have the following tags: ``` + // "123/environment": "production", "123/costCenter": "marketing", ``` For more + // information on tag creation and management, see + // https://cloud.google.com/resource-manager/docs/tags/tags-overview. + Tags map[string]string `json:"tags,omitempty"` // UpgradableDatabaseVersions: Output only. All database versions that are // available for upgrade. UpgradableDatabaseVersions []*AvailableDatabaseVersion `json:"upgradableDatabaseVersions,omitempty"` @@ -2793,6 +2803,9 @@ type IpConfiguration struct { // connect to the instance using the IP. In 'CIDR' notation, also known as // 'slash' notation (for example: `157.197.200.0/24`). AuthorizedNetworks []*AclEntry `json:"authorizedNetworks,omitempty"` + // CustomSubjectAlternativeNames: Optional. Custom Subject Alternative + // Name(SAN)s for a Cloud SQL instance. + CustomSubjectAlternativeNames []string `json:"customSubjectAlternativeNames,omitempty"` // EnablePrivatePathForGoogleCloudServices: Controls connectivity to private IP // instances from Google services, such as BigQuery. EnablePrivatePathForGoogleCloudServices bool `json:"enablePrivatePathForGoogleCloudServices,omitempty"` @@ -2821,7 +2834,13 @@ type IpConfiguration struct { // "GOOGLE_MANAGED_INTERNAL_CA" - Google-managed self-signed internal CA. // "GOOGLE_MANAGED_CAS_CA" - Google-managed regional CA part of root CA // hierarchy hosted on Google Cloud's Certificate Authority Service (CAS). + // "CUSTOMER_MANAGED_CAS_CA" - Customer-managed CA hosted on Google Cloud's + // Certificate Authority Service (CAS). ServerCaMode string `json:"serverCaMode,omitempty"` + // ServerCaPool: Optional. The resource name of the server CA pool for an + // instance with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`. Format: + // projects//locations//caPools/ + ServerCaPool string `json:"serverCaPool,omitempty"` // SslMode: Specify how SSL/TLS is enforced in database connections. If you // must use the `require_ssl` flag for backward compatibility, then only the // following value pairs are valid: For PostgreSQL and MySQL: * @@ -3260,6 +3279,8 @@ type Operation struct { // "RUNNING" - The operation is running. // "DONE" - The operation completed. Status string `json:"status,omitempty"` + // SubOperationType: Optional. The sub operation based on the operation type. + SubOperationType *SqlSubOperationType `json:"subOperationType,omitempty"` // TargetId: Name of the database instance related to this operation. TargetId string `json:"targetId,omitempty"` TargetLink string `json:"targetLink,omitempty"` @@ -3345,8 +3366,8 @@ type OperationMetadata struct { ApiVersion string `json:"apiVersion,omitempty"` // CancelRequested: Output only. Identifies whether the user has requested // cancellation of the operation. Operations that have been cancelled - // successfully have Operation.error value with a google.rpc.Status.code of 1, - // corresponding to `Code.CANCELLED`. + // successfully have google.longrunning.Operation.error value with a + // google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. CancelRequested bool `json:"cancelRequested,omitempty"` // CreateTime: Output only. The time the operation was created. CreateTime string `json:"createTime,omitempty"` @@ -3608,8 +3629,8 @@ func (s ReplicaConfiguration) MarshalJSON() ([]byte, error) { // ReplicationCluster: A primary instance and disaster recovery (DR) replica // pair. A DR replica is a cross-region replica that you designate for failover -// in the event that the primary instance experiences regional failure. Only -// applicable to MySQL. +// in the event that the primary instance experiences regional failure. +// Applicable to MySQL and PostgreSQL. type ReplicationCluster struct { // DrReplica: Output only. Read-only field that indicates whether the replica // is a DR replica. This field is not set if the instance is a primary @@ -3622,14 +3643,14 @@ type ReplicationCluster struct { // replica name to designate a DR replica for a primary instance. Remove the // replica name to remove the DR replica designation. FailoverDrReplicaName string `json:"failoverDrReplicaName,omitempty"` - // PsaWriteEndpoint: Output only. If set, it indicates this instance has a - // private service access (PSA) dns endpoint that is pointing to the primary - // instance of the cluster. If this instance is the primary, the dns should be - // pointing to this instance. After Switchover or Replica failover, this DNS - // endpoint points to the promoted instance. This is a read-only field, - // returned to the user as information. This field can exist even if a - // standalone instance does not yet have a replica, or had a DR replica that - // was deleted. + // PsaWriteEndpoint: Output only. If set, this field indicates this instance + // has a private service access (PSA) DNS endpoint that is pointing to the + // primary instance of the cluster. If this instance is the primary, then the + // DNS endpoint points to this instance. After a switchover or replica failover + // operation, this DNS endpoint points to the promoted instance. This is a + // read-only field, returned to the user as information. This field can exist + // even if a standalone instance doesn't have a DR replica yet or the DR + // replica is deleted. PsaWriteEndpoint string `json:"psaWriteEndpoint,omitempty"` // ForceSendFields is a list of field names (e.g. "DrReplica") to // unconditionally include in API requests. By default, fields with empty or @@ -4571,6 +4592,45 @@ func (s SqlServerUserDetails) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// SqlSubOperationType: The sub operation type based on the operation type. +type SqlSubOperationType struct { + // MaintenanceType: The type of maintenance to be performed on the instance. + // + // Possible values: + // "SQL_MAINTENANCE_TYPE_UNSPECIFIED" - Maintenance type is unspecified. + // "INSTANCE_MAINTENANCE" - Indicates that a standalone instance is + // undergoing maintenance. The instance can be either a primary instance or a + // replica. + // "REPLICA_INCLUDED_MAINTENANCE" - Indicates that the primary instance and + // all of its replicas, including cascading replicas, are undergoing + // maintenance. Maintenance is performed on groups of replicas first, followed + // by the primary instance. + // "INSTANCE_SELF_SERVICE_MAINTENANCE" - Indicates that the standalone + // instance is undergoing maintenance, initiated by self-service. The instance + // can be either a primary instance or a replica. + // "REPLICA_INCLUDED_SELF_SERVICE_MAINTENANCE" - Indicates that the primary + // instance and all of its replicas are undergoing maintenance, initiated by + // self-service. Maintenance is performed on groups of replicas first, followed + // by the primary instance. + MaintenanceType string `json:"maintenanceType,omitempty"` + // ForceSendFields is a list of field names (e.g. "MaintenanceType") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "MaintenanceType") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s SqlSubOperationType) MarshalJSON() ([]byte, error) { + type NoMethod SqlSubOperationType + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // SslCert: SslCerts Resource type SslCert struct { // Cert: PEM representation. @@ -8371,12 +8431,11 @@ func (r *InstancesService) PromoteReplica(project string, instance string) *Inst } // Failover sets the optional parameter "failover": Set to true to invoke a -// replica failover to the designated DR replica. As part of replica failover, -// the promote operation attempts to add the original primary instance as a -// replica of the promoted DR replica when the original primary instance comes -// back online. If set to false or not specified, then the original primary -// instance becomes an independent Cloud SQL primary instance. Only applicable -// to MySQL. +// replica failover to the DR replica. As part of replica failover, the promote +// operation attempts to add the original primary instance as a replica of the +// promoted DR replica when the original primary instance comes back online. If +// set to false or not specified, then the original primary instance becomes an +// independent Cloud SQL primary instance. func (c *InstancesPromoteReplicaCall) Failover(failover bool) *InstancesPromoteReplicaCall { c.urlParams_.Set("failover", fmt.Sprint(failover)) return c @@ -9292,8 +9351,8 @@ type InstancesSwitchoverCall struct { header_ http.Header } -// Switchover: Switches over from the primary instance to the designated DR -// replica instance. +// Switchover: Switches over from the primary instance to the DR replica +// instance. // // - instance: Cloud SQL read replica instance name. // - project: ID of the project that contains the replica. @@ -9304,10 +9363,10 @@ func (r *InstancesService) Switchover(project string, instance string) *Instance return c } -// DbTimeout sets the optional parameter "dbTimeout": (MySQL only) Cloud SQL -// instance operations timeout, which is a sum of all database operations. -// Default value is 10 minutes and can be modified to a maximum value of 24 -// hours. +// DbTimeout sets the optional parameter "dbTimeout": (MySQL and PostgreSQL +// only) Cloud SQL instance operations timeout, which is a sum of all database +// operations. Default value is 10 minutes and can be modified to a maximum +// value of 24 hours. func (c *InstancesSwitchoverCall) DbTimeout(dbTimeout string) *InstancesSwitchoverCall { c.urlParams_.Set("dbTimeout", dbTimeout) return c diff --git a/sqladmin/v1beta4/sqladmin-api.json b/sqladmin/v1beta4/sqladmin-api.json index 544a458874c..e3bad66ab34 100644 --- a/sqladmin/v1beta4/sqladmin-api.json +++ b/sqladmin/v1beta4/sqladmin-api.json @@ -1193,7 +1193,7 @@ ], "parameters": { "failover": { - "description": "Set to true to invoke a replica failover to the designated DR replica. As part of replica failover, the promote operation attempts to add the original primary instance as a replica of the promoted DR replica when the original primary instance comes back online. If set to false or not specified, then the original primary instance becomes an independent Cloud SQL primary instance. Only applicable to MySQL.", + "description": "Set to true to invoke a replica failover to the DR replica. As part of replica failover, the promote operation attempts to add the original primary instance as a replica of the promoted DR replica when the original primary instance comes back online. If set to false or not specified, then the original primary instance becomes an independent Cloud SQL primary instance.", "location": "query", "type": "boolean" }, @@ -1485,7 +1485,7 @@ ] }, "switchover": { - "description": "Switches over from the primary instance to the designated DR replica instance.", + "description": "Switches over from the primary instance to the DR replica instance.", "flatPath": "sql/v1beta4/projects/{project}/instances/{instance}/switchover", "httpMethod": "POST", "id": "sql.instances.switchover", @@ -1495,7 +1495,7 @@ ], "parameters": { "dbTimeout": { - "description": "Optional. (MySQL only) Cloud SQL instance operations timeout, which is a sum of all database operations. Default value is 10 minutes and can be modified to a maximum value of 24 hours.", + "description": "Optional. (MySQL and PostgreSQL only) Cloud SQL instance operations timeout, which is a sum of all database operations. Default value is 10 minutes and can be modified to a maximum value of 24 hours.", "format": "google-duration", "location": "query", "type": "string" @@ -2366,7 +2366,7 @@ } } }, - "revision": "20241108", + "revision": "20241204", "rootUrl": "https://sqladmin.googleapis.com/", "schemas": { "AclEntry": { @@ -2856,6 +2856,13 @@ ], "type": "string" }, + "customSubjectAlternativeNames": { + "description": "Custom subject alternative names for the server certificate.", + "items": { + "type": "string" + }, + "type": "array" + }, "databaseVersion": { "description": "The database engine type and version. The `databaseVersion` field cannot be changed after instance creation. MySQL instances: `MYSQL_8_0`, `MYSQL_5_7` (default), or `MYSQL_5_6`. PostgreSQL instances: `POSTGRES_9_6`, `POSTGRES_10`, `POSTGRES_11` or `POSTGRES_12` (default), `POSTGRES_13`, or `POSTGRES_14`. SQL Server instances: `SQLSERVER_2017_STANDARD` (default), `SQLSERVER_2017_ENTERPRISE`, `SQLSERVER_2017_EXPRESS`, `SQLSERVER_2017_WEB`, `SQLSERVER_2019_STANDARD`, `SQLSERVER_2019_ENTERPRISE`, `SQLSERVER_2019_EXPRESS`, or `SQLSERVER_2019_WEB`.", "enum": [ @@ -3448,7 +3455,7 @@ }, "replicationCluster": { "$ref": "ReplicationCluster", - "description": "A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Only applicable to MySQL." + "description": "A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Applicable to MySQL and PostgreSQL." }, "rootPassword": { "description": "Initial root password. Use only on creation. You must set root passwords before you can connect to PostgreSQL instances.", @@ -3560,6 +3567,13 @@ "description": "Input only. Whether Cloud SQL is enabled to switch storing point-in-time recovery log files from a data disk to Cloud Storage.", "type": "boolean" }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Input only. Immutable. Tag keys and tag values that are bound to this instance. You must represent each item in the map as: `\"\" : \"\"`. For example, a single resource can have the following tags: ``` \"123/environment\": \"production\", \"123/costCenter\": \"marketing\", ``` For more information on tag creation and management, see https://cloud.google.com/resource-manager/docs/tags/tags-overview.", + "type": "object" + }, "upgradableDatabaseVersions": { "description": "Output only. All database versions that are available for upgrade.", "items": { @@ -4682,6 +4696,13 @@ }, "type": "array" }, + "customSubjectAlternativeNames": { + "description": "Optional. Custom Subject Alternative Name(SAN)s for a Cloud SQL instance.", + "items": { + "type": "string" + }, + "type": "array" + }, "enablePrivatePathForGoogleCloudServices": { "description": "Controls connectivity to private IP instances from Google services, such as BigQuery.", "type": "boolean" @@ -4707,15 +4728,21 @@ "enum": [ "CA_MODE_UNSPECIFIED", "GOOGLE_MANAGED_INTERNAL_CA", - "GOOGLE_MANAGED_CAS_CA" + "GOOGLE_MANAGED_CAS_CA", + "CUSTOMER_MANAGED_CAS_CA" ], "enumDescriptions": [ "CA mode is unspecified. It is effectively the same as `GOOGLE_MANAGED_INTERNAL_CA`.", "Google-managed self-signed internal CA.", - "Google-managed regional CA part of root CA hierarchy hosted on Google Cloud's Certificate Authority Service (CAS)." + "Google-managed regional CA part of root CA hierarchy hosted on Google Cloud's Certificate Authority Service (CAS).", + "Customer-managed CA hosted on Google Cloud's Certificate Authority Service (CAS)." ], "type": "string" }, + "serverCaPool": { + "description": "Optional. The resource name of the server CA pool for an instance with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`. Format: projects//locations//caPools/", + "type": "string" + }, "sslMode": { "description": "Specify how SSL/TLS is enforced in database connections. If you must use the `require_ssl` flag for backward compatibility, then only the following value pairs are valid: For PostgreSQL and MySQL: * `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=false` * `ssl_mode=TRUSTED_CLIENT_CERTIFICATE_REQUIRED` and `require_ssl=true` For SQL Server: * `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=true` The value of `ssl_mode` has priority over the value of `require_ssl`. For example, for the pair `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=false`, `ssl_mode=ENCRYPTED_ONLY` means accept only SSL connections, while `require_ssl=false` means accept both non-SSL and SSL connections. In this case, MySQL and PostgreSQL databases respect `ssl_mode` and accepts only SSL connections.", "enum": [ @@ -5185,6 +5212,10 @@ ], "type": "string" }, + "subOperationType": { + "$ref": "SqlSubOperationType", + "description": "Optional. The sub operation based on the operation type." + }, "targetId": { "description": "Name of the database instance related to this operation.", "type": "string" @@ -5250,7 +5281,7 @@ "type": "string" }, "cancelRequested": { - "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have google.longrunning.Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "readOnly": true, "type": "boolean" }, @@ -5457,7 +5488,7 @@ "type": "object" }, "ReplicationCluster": { - "description": "A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance has regional failure. Only applicable to MySQL.", + "description": "A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance has regional failure. Applicable to MySQL and PostgreSQL.", "id": "ReplicationCluster", "properties": { "drReplica": { @@ -5470,7 +5501,7 @@ "type": "string" }, "psaWriteEndpoint": { - "description": "Output only. If set, it indicates this instance has a private service access (PSA) dns endpoint that is pointing to the primary instance of the cluster. If this instance is the primary, the dns should be pointing to this instance. After Switchover or Replica failover, this DNS endpoint points to the promoted instance. This is a read-only field, returned to the user as information. This field can exist even if a standalone instance does not yet have a replica, or had a DR replica that was deleted.", + "description": "Output only. If set, this field indicates this instance has a private service access (PSA) DNS endpoint that is pointing to the primary instance of the cluster. If this instance is the primary, then the DNS endpoint points to this instance. After a switchover or replica failover operation, this DNS endpoint points to the promoted instance. This is a read-only field, returned to the user as information. This field can exist even if a standalone instance doesn't have a DR replica yet or the DR replica is deleted.", "readOnly": true, "type": "string" } @@ -6299,6 +6330,31 @@ }, "type": "object" }, + "SqlSubOperationType": { + "description": "The sub operation type based on the operation type.", + "id": "SqlSubOperationType", + "properties": { + "maintenanceType": { + "description": "The type of maintenance to be performed on the instance.", + "enum": [ + "SQL_MAINTENANCE_TYPE_UNSPECIFIED", + "INSTANCE_MAINTENANCE", + "REPLICA_INCLUDED_MAINTENANCE", + "INSTANCE_SELF_SERVICE_MAINTENANCE", + "REPLICA_INCLUDED_SELF_SERVICE_MAINTENANCE" + ], + "enumDescriptions": [ + "Maintenance type is unspecified.", + "Indicates that a standalone instance is undergoing maintenance. The instance can be either a primary instance or a replica.", + "Indicates that the primary instance and all of its replicas, including cascading replicas, are undergoing maintenance. Maintenance is performed on groups of replicas first, followed by the primary instance.", + "Indicates that the standalone instance is undergoing maintenance, initiated by self-service. The instance can be either a primary instance or a replica.", + "Indicates that the primary instance and all of its replicas are undergoing maintenance, initiated by self-service. Maintenance is performed on groups of replicas first, followed by the primary instance." + ], + "type": "string" + } + }, + "type": "object" + }, "SslCert": { "description": "SslCerts Resource", "id": "SslCert", diff --git a/sqladmin/v1beta4/sqladmin-gen.go b/sqladmin/v1beta4/sqladmin-gen.go index 1d5181be293..f290e30e905 100644 --- a/sqladmin/v1beta4/sqladmin-gen.go +++ b/sqladmin/v1beta4/sqladmin-gen.go @@ -810,6 +810,9 @@ type ConnectSettings struct { // "SECOND_GEN" - V2 speckle instance. // "EXTERNAL" - On premises instance. BackendType string `json:"backendType,omitempty"` + // CustomSubjectAlternativeNames: Custom subject alternative names for the + // server certificate. + CustomSubjectAlternativeNames []string `json:"customSubjectAlternativeNames,omitempty"` // DatabaseVersion: The database engine type and version. The `databaseVersion` // field cannot be changed after instance creation. MySQL instances: // `MYSQL_8_0`, `MYSQL_5_7` (default), or `MYSQL_5_6`. PostgreSQL instances: @@ -1219,8 +1222,8 @@ type DatabaseInstance struct { ReplicaNames []string `json:"replicaNames,omitempty"` // ReplicationCluster: A primary instance and disaster recovery (DR) replica // pair. A DR replica is a cross-region replica that you designate for failover - // in the event that the primary instance experiences regional failure. Only - // applicable to MySQL. + // in the event that the primary instance experiences regional failure. + // Applicable to MySQL and PostgreSQL. ReplicationCluster *ReplicationCluster `json:"replicationCluster,omitempty"` // RootPassword: Initial root password. Use only on creation. You must set root // passwords before you can connect to PostgreSQL instances. @@ -1290,6 +1293,13 @@ type DatabaseInstance struct { // enabled to switch storing point-in-time recovery log files from a data disk // to Cloud Storage. SwitchTransactionLogsToCloudStorageEnabled bool `json:"switchTransactionLogsToCloudStorageEnabled,omitempty"` + // Tags: Optional. Input only. Immutable. Tag keys and tag values that are + // bound to this instance. You must represent each item in the map as: "" : + // "". For example, a single resource can have the following tags: ``` + // "123/environment": "production", "123/costCenter": "marketing", ``` For more + // information on tag creation and management, see + // https://cloud.google.com/resource-manager/docs/tags/tags-overview. + Tags map[string]string `json:"tags,omitempty"` // UpgradableDatabaseVersions: Output only. All database versions that are // available for upgrade. UpgradableDatabaseVersions []*AvailableDatabaseVersion `json:"upgradableDatabaseVersions,omitempty"` @@ -2799,6 +2809,9 @@ type IpConfiguration struct { // connect to the instance using the IP. In 'CIDR' notation, also known as // 'slash' notation (for example: `157.197.200.0/24`). AuthorizedNetworks []*AclEntry `json:"authorizedNetworks,omitempty"` + // CustomSubjectAlternativeNames: Optional. Custom Subject Alternative + // Name(SAN)s for a Cloud SQL instance. + CustomSubjectAlternativeNames []string `json:"customSubjectAlternativeNames,omitempty"` // EnablePrivatePathForGoogleCloudServices: Controls connectivity to private IP // instances from Google services, such as BigQuery. EnablePrivatePathForGoogleCloudServices bool `json:"enablePrivatePathForGoogleCloudServices,omitempty"` @@ -2827,7 +2840,13 @@ type IpConfiguration struct { // "GOOGLE_MANAGED_INTERNAL_CA" - Google-managed self-signed internal CA. // "GOOGLE_MANAGED_CAS_CA" - Google-managed regional CA part of root CA // hierarchy hosted on Google Cloud's Certificate Authority Service (CAS). + // "CUSTOMER_MANAGED_CAS_CA" - Customer-managed CA hosted on Google Cloud's + // Certificate Authority Service (CAS). ServerCaMode string `json:"serverCaMode,omitempty"` + // ServerCaPool: Optional. The resource name of the server CA pool for an + // instance with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`. Format: + // projects//locations//caPools/ + ServerCaPool string `json:"serverCaPool,omitempty"` // SslMode: Specify how SSL/TLS is enforced in database connections. If you // must use the `require_ssl` flag for backward compatibility, then only the // following value pairs are valid: For PostgreSQL and MySQL: * @@ -3266,6 +3285,8 @@ type Operation struct { // "RUNNING" - The operation is running. // "DONE" - The operation completed. Status string `json:"status,omitempty"` + // SubOperationType: Optional. The sub operation based on the operation type. + SubOperationType *SqlSubOperationType `json:"subOperationType,omitempty"` // TargetId: Name of the database instance related to this operation. TargetId string `json:"targetId,omitempty"` TargetLink string `json:"targetLink,omitempty"` @@ -3351,8 +3372,8 @@ type OperationMetadata struct { ApiVersion string `json:"apiVersion,omitempty"` // CancelRequested: Output only. Identifies whether the user has requested // cancellation of the operation. Operations that have been cancelled - // successfully have Operation.error value with a google.rpc.Status.code of 1, - // corresponding to `Code.CANCELLED`. + // successfully have google.longrunning.Operation.error value with a + // google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. CancelRequested bool `json:"cancelRequested,omitempty"` // CreateTime: Output only. The time the operation was created. CreateTime string `json:"createTime,omitempty"` @@ -3614,8 +3635,8 @@ func (s ReplicaConfiguration) MarshalJSON() ([]byte, error) { // ReplicationCluster: A primary instance and disaster recovery (DR) replica // pair. A DR replica is a cross-region replica that you designate for failover -// in the event that the primary instance has regional failure. Only applicable -// to MySQL. +// in the event that the primary instance has regional failure. Applicable to +// MySQL and PostgreSQL. type ReplicationCluster struct { // DrReplica: Output only. Read-only field that indicates whether the replica // is a DR replica. This field is not set if the instance is a primary @@ -3628,14 +3649,14 @@ type ReplicationCluster struct { // replica name to designate a DR replica for a primary instance. Remove the // replica name to remove the DR replica designation. FailoverDrReplicaName string `json:"failoverDrReplicaName,omitempty"` - // PsaWriteEndpoint: Output only. If set, it indicates this instance has a - // private service access (PSA) dns endpoint that is pointing to the primary - // instance of the cluster. If this instance is the primary, the dns should be - // pointing to this instance. After Switchover or Replica failover, this DNS - // endpoint points to the promoted instance. This is a read-only field, - // returned to the user as information. This field can exist even if a - // standalone instance does not yet have a replica, or had a DR replica that - // was deleted. + // PsaWriteEndpoint: Output only. If set, this field indicates this instance + // has a private service access (PSA) DNS endpoint that is pointing to the + // primary instance of the cluster. If this instance is the primary, then the + // DNS endpoint points to this instance. After a switchover or replica failover + // operation, this DNS endpoint points to the promoted instance. This is a + // read-only field, returned to the user as information. This field can exist + // even if a standalone instance doesn't have a DR replica yet or the DR + // replica is deleted. PsaWriteEndpoint string `json:"psaWriteEndpoint,omitempty"` // ForceSendFields is a list of field names (e.g. "DrReplica") to // unconditionally include in API requests. By default, fields with empty or @@ -4573,6 +4594,45 @@ func (s SqlServerUserDetails) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// SqlSubOperationType: The sub operation type based on the operation type. +type SqlSubOperationType struct { + // MaintenanceType: The type of maintenance to be performed on the instance. + // + // Possible values: + // "SQL_MAINTENANCE_TYPE_UNSPECIFIED" - Maintenance type is unspecified. + // "INSTANCE_MAINTENANCE" - Indicates that a standalone instance is + // undergoing maintenance. The instance can be either a primary instance or a + // replica. + // "REPLICA_INCLUDED_MAINTENANCE" - Indicates that the primary instance and + // all of its replicas, including cascading replicas, are undergoing + // maintenance. Maintenance is performed on groups of replicas first, followed + // by the primary instance. + // "INSTANCE_SELF_SERVICE_MAINTENANCE" - Indicates that the standalone + // instance is undergoing maintenance, initiated by self-service. The instance + // can be either a primary instance or a replica. + // "REPLICA_INCLUDED_SELF_SERVICE_MAINTENANCE" - Indicates that the primary + // instance and all of its replicas are undergoing maintenance, initiated by + // self-service. Maintenance is performed on groups of replicas first, followed + // by the primary instance. + MaintenanceType string `json:"maintenanceType,omitempty"` + // ForceSendFields is a list of field names (e.g. "MaintenanceType") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "MaintenanceType") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s SqlSubOperationType) MarshalJSON() ([]byte, error) { + type NoMethod SqlSubOperationType + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // SslCert: SslCerts Resource type SslCert struct { // Cert: PEM representation. @@ -8373,12 +8433,11 @@ func (r *InstancesService) PromoteReplica(project string, instance string) *Inst } // Failover sets the optional parameter "failover": Set to true to invoke a -// replica failover to the designated DR replica. As part of replica failover, -// the promote operation attempts to add the original primary instance as a -// replica of the promoted DR replica when the original primary instance comes -// back online. If set to false or not specified, then the original primary -// instance becomes an independent Cloud SQL primary instance. Only applicable -// to MySQL. +// replica failover to the DR replica. As part of replica failover, the promote +// operation attempts to add the original primary instance as a replica of the +// promoted DR replica when the original primary instance comes back online. If +// set to false or not specified, then the original primary instance becomes an +// independent Cloud SQL primary instance. func (c *InstancesPromoteReplicaCall) Failover(failover bool) *InstancesPromoteReplicaCall { c.urlParams_.Set("failover", fmt.Sprint(failover)) return c @@ -9295,8 +9354,8 @@ type InstancesSwitchoverCall struct { header_ http.Header } -// Switchover: Switches over from the primary instance to the designated DR -// replica instance. +// Switchover: Switches over from the primary instance to the DR replica +// instance. // // - instance: Cloud SQL read replica instance name. // - project: ID of the project that contains the replica. @@ -9307,10 +9366,10 @@ func (r *InstancesService) Switchover(project string, instance string) *Instance return c } -// DbTimeout sets the optional parameter "dbTimeout": (MySQL only) Cloud SQL -// instance operations timeout, which is a sum of all database operations. -// Default value is 10 minutes and can be modified to a maximum value of 24 -// hours. +// DbTimeout sets the optional parameter "dbTimeout": (MySQL and PostgreSQL +// only) Cloud SQL instance operations timeout, which is a sum of all database +// operations. Default value is 10 minutes and can be modified to a maximum +// value of 24 hours. func (c *InstancesSwitchoverCall) DbTimeout(dbTimeout string) *InstancesSwitchoverCall { c.urlParams_.Set("dbTimeout", dbTimeout) return c