| <html><body> |
| <style> |
| |
| body, h1, h2, h3, div, span, p, pre, a { |
| margin: 0; |
| padding: 0; |
| border: 0; |
| font-weight: inherit; |
| font-style: inherit; |
| font-size: 100%; |
| font-family: inherit; |
| vertical-align: baseline; |
| } |
| |
| body { |
| font-size: 13px; |
| padding: 1em; |
| } |
| |
| h1 { |
| font-size: 26px; |
| margin-bottom: 1em; |
| } |
| |
| h2 { |
| font-size: 24px; |
| margin-bottom: 1em; |
| } |
| |
| h3 { |
| font-size: 20px; |
| margin-bottom: 1em; |
| margin-top: 1em; |
| } |
| |
| pre, code { |
| line-height: 1.5; |
| font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; |
| } |
| |
| pre { |
| margin-top: 0.5em; |
| } |
| |
| h1, h2, h3, p { |
| font-family: Arial, sans serif; |
| } |
| |
| h1, h2, h3 { |
| border-bottom: solid #CCC 1px; |
| } |
| |
| .toc_element { |
| margin-top: 0.5em; |
| } |
| |
| .firstline { |
| margin-left: 2 em; |
| } |
| |
| .method { |
| margin-top: 1em; |
| border: solid 1px #CCC; |
| padding: 1em; |
| background: #EEE; |
| } |
| |
| .details { |
| font-weight: bold; |
| font-size: 14px; |
| } |
| |
| </style> |
| |
| <h1><a href="cloudfunctions_v1.html">Cloud Functions API</a> . <a href="cloudfunctions_v1.projects.html">projects</a> . <a href="cloudfunctions_v1.projects.locations.html">locations</a> . <a href="cloudfunctions_v1.projects.locations.functions.html">functions</a></h1> |
| <h2>Instance Methods</h2> |
| <p class="toc_element"> |
| <code><a href="#call">call(name, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Synchronously invokes a deployed Cloud Function. To be used for testing</p> |
| <p class="toc_element"> |
| <code><a href="#create">create(location, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Creates a new function. If a function with the given name already exists in</p> |
| <p class="toc_element"> |
| <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p> |
| <p class="firstline">Deletes a function with the given name from the specified project. If the</p> |
| <p class="toc_element"> |
| <code><a href="#generateDownloadUrl">generateDownloadUrl(name, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Returns a signed URL for downloading deployed function source code.</p> |
| <p class="toc_element"> |
| <code><a href="#generateUploadUrl">generateUploadUrl(parent, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Returns a signed URL for uploading a function source code.</p> |
| <p class="toc_element"> |
| <code><a href="#get">get(name, x__xgafv=None)</a></code></p> |
| <p class="firstline">Returns a function with the given name from the requested project.</p> |
| <p class="toc_element"> |
| <code><a href="#getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Gets the IAM access control policy for a function.</p> |
| <p class="toc_element"> |
| <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Returns a list of functions that belong to the requested project.</p> |
| <p class="toc_element"> |
| <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> |
| <p class="firstline">Retrieves the next page of results.</p> |
| <p class="toc_element"> |
| <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Updates existing function.</p> |
| <p class="toc_element"> |
| <code><a href="#setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Sets the IAM access control policy on the specified function.</p> |
| <p class="toc_element"> |
| <code><a href="#testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">Tests the specified permissions against the IAM access control policy</p> |
| <h3>Method Details</h3> |
| <div class="method"> |
| <code class="details" id="call">call(name, body=None, x__xgafv=None)</code> |
| <pre>Synchronously invokes a deployed Cloud Function. To be used for testing |
| purposes as very limited traffic is allowed. For more information on |
| the actual limits, refer to |
| [Rate Limits](https://cloud.google.com/functions/quotas#rate_limits). |
| |
| Args: |
| name: string, Required. The name of the function to be called. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Request for the `CallFunction` method. |
| "data": "A String", # Required. Input to be passed to the function. |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Response of `CallFunction` method. |
| "executionId": "A String", # Execution id of function invocation. |
| "error": "A String", # Either system or user-function generated error. Set if execution |
| # was not successful. |
| "result": "A String", # Result populated for successful execution of synchronous function. Will |
| # not be populated if function does not return a result through context. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="create">create(location, body=None, x__xgafv=None)</code> |
| <pre>Creates a new function. If a function with the given name already exists in |
| the specified project, the long running operation will return |
| `ALREADY_EXISTS` error. |
| |
| Args: |
| location: string, Required. The project and location in which the function should be created, specified |
| in the format `projects/*/locations/*` (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Describes a Cloud Function that contains user computation executed in |
| # response to an event. It encapsulate function and triggers configurations. |
| "updateTime": "A String", # Output only. The last update timestamp of a Cloud Function. |
| "runtime": "A String", # The runtime in which to run the function. Required when deploying a new |
| # function, optional when updating an existing function. For a complete |
| # list of possible choices, see the |
| # [`gcloud` command |
| # reference](/sdk/gcloud/reference/functions/deploy#--runtime). |
| "buildId": "A String", # Output only. The Cloud Build ID of the latest successful deployment of the |
| # function. |
| "serviceAccountEmail": "A String", # The email of the function's service account. If empty, defaults to |
| # `{project_id}@appspot.gserviceaccount.com`. |
| "name": "A String", # A user-defined name of the function. Function names must be unique |
| # globally and match pattern `projects/*/locations/*/functions/*` |
| "eventTrigger": { # Describes EventTrigger, used to request events be sent from another # A source that fires events in response to a condition in another service. |
| # service. |
| "service": "A String", # The hostname of the service that should be observed. |
| # |
| # If no string is provided, the default service implementing the API will |
| # be used. For example, `storage.googleapis.com` is the default for all |
| # event types in the `google.storage` namespace. |
| "eventType": "A String", # Required. The type of event to observe. For example: |
| # `providers/cloud.storage/eventTypes/object.change` and |
| # `providers/cloud.pubsub/eventTypes/topic.publish`. |
| # |
| # Event types match pattern `providers/*/eventTypes/*.*`. |
| # The pattern contains: |
| # |
| # 1. namespace: For example, `cloud.storage` and |
| # `google.firebase.analytics`. |
| # 2. resource type: The type of resource on which event occurs. For |
| # example, the Google Cloud Storage API includes the type `object`. |
| # 3. action: The action that generates the event. For example, action for |
| # a Google Cloud Storage Object is 'change'. |
| # These parts are lower case. |
| "resource": "A String", # Required. The resource(s) from which to observe events, for example, |
| # `projects/_/buckets/myBucket`. |
| # |
| # Not all syntactically correct values are accepted by all services. For |
| # example: |
| # |
| # 1. The authorization model must support it. Google Cloud Functions |
| # only allows EventTriggers to be deployed that observe resources in the |
| # same project as the `CloudFunction`. |
| # 2. The resource type must match the pattern expected for an |
| # `event_type`. For example, an `EventTrigger` that has an |
| # `event_type` of "google.pubsub.topic.publish" should have a resource |
| # that matches Google Cloud Pub/Sub topics. |
| # |
| # Additionally, some services may support short names when creating an |
| # `EventTrigger`. These will always be returned in the normalized "long" |
| # format. |
| # |
| # See each *service's* documentation for supported formats. |
| "failurePolicy": { # Describes the policy in case of function's execution failure. # Specifies policy for failed executions. |
| # If empty, then defaults to ignoring failures (i.e. not retrying them). |
| "retry": { # Describes the retry policy in case of function's execution failure. # If specified, then the function will be retried in case of a failure. |
| # A function execution will be retried on any failure. |
| # A failed execution will be retried up to 7 days with an exponential backoff |
| # (capped at 10 seconds). |
| # Retried execution is charged as any other execution. |
| }, |
| }, |
| }, |
| "entryPoint": "A String", # The name of the function (as defined in source code) that will be |
| # executed. Defaults to the resource name suffix, if not specified. For |
| # backward compatibility, if function with given name is not found, then the |
| # system will try to use function named "function". |
| # For Node.js this is name of a function exported by the module specified |
| # in `source_location`. |
| "vpcConnector": "A String", # The VPC Network Connector that this cloud function can connect to. It can |
| # be either the fully-qualified URI, or the short name of the network |
| # connector resource. The format of this field is |
| # `projects/*/locations/*/connectors/*` |
| # |
| # This field is mutually exclusive with `network` field and will eventually |
| # replace it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "network": "A String", # The VPC Network that this cloud function can connect to. It can be |
| # either the fully-qualified URI, or the short name of the network resource. |
| # If the short network name is used, the network must belong to the same |
| # project. Otherwise, it must belong to a project within the same |
| # organization. The format of this field is either |
| # `projects/{project}/global/networks/{network}` or `{network}`, where |
| # {project} is a project id where the network is defined, and {network} is |
| # the short name of the network. |
| # |
| # This field is mutually exclusive with `vpc_connector` and will be replaced |
| # by it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "sourceArchiveUrl": "A String", # The Google Cloud Storage URL, starting with gs://, pointing to the zip |
| # archive which contains the function. |
| "httpsTrigger": { # Describes HttpsTrigger, could be used to connect web hooks to function. # An HTTPS endpoint type of source that can be triggered via URL. |
| "url": "A String", # Output only. The deployed url for the function. |
| }, |
| "vpcConnectorEgressSettings": "A String", # The egress settings for the connector, controlling what traffic is diverted |
| # through it. |
| "status": "A String", # Output only. Status of the function deployment. |
| "description": "A String", # User-provided description of a function. |
| "timeout": "A String", # The function execution timeout. Execution is considered failed and |
| # can be terminated if the function is not completed at the end of the |
| # timeout period. Defaults to 60 seconds. |
| "labels": { # Labels associated with this Cloud Function. |
| "a_key": "A String", |
| }, |
| "versionId": "A String", # Output only. The version identifier of the Cloud Function. Each deployment attempt |
| # results in a new version of a function being created. |
| "sourceRepository": { # Describes SourceRepository, used to represent parameters related to # **Beta Feature** |
| # |
| # The source repository where a function is hosted. |
| # source repository where a function is hosted. |
| "url": "A String", # The URL pointing to the hosted repository where the function is defined. |
| # There are supported Cloud Source Repository URLs in the following |
| # formats: |
| # |
| # To refer to a specific commit: |
| # `https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*` |
| # To refer to a moveable alias (branch): |
| # `https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*` |
| # In particular, to refer to HEAD use `master` moveable alias. |
| # To refer to a specific fixed alias (tag): |
| # `https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*` |
| # |
| # You may omit `paths/*` if you want to use the main directory. |
| "deployedUrl": "A String", # Output only. The URL pointing to the hosted repository where the function |
| # were defined at the time of deployment. It always points to a specific |
| # commit in the format described above. |
| }, |
| "sourceUploadUrl": "A String", # The Google Cloud Storage signed URL used for source uploading, generated |
| # by google.cloud.functions.v1.GenerateUploadUrl |
| "availableMemoryMb": 42, # The amount of memory in MB available for a function. |
| # Defaults to 256MB. |
| "environmentVariables": { # Environment variables that shall be available during function execution. |
| "a_key": "A String", |
| }, |
| "maxInstances": 42, # The limit on the maximum number of function instances that may coexist at a |
| # given time. |
| "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach |
| # it. |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # This resource represents a long-running operation that is the result of a |
| # network API call. |
| "done": True or False, # If the value is `false`, it means the operation is still in progress. |
| # If `true`, the operation is completed, and either `error` or `response` is |
| # available. |
| "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation. |
| # different programming environments, including REST APIs and RPC APIs. It is |
| # used by [gRPC](https://github.com/grpc). Each `Status` message contains |
| # three pieces of data: error code, error message, and error details. |
| # |
| # You can find out more about this error model and how to work with it in the |
| # [API Design Guide](https://cloud.google.com/apis/design/errors). |
| "message": "A String", # A developer-facing error message, which should be in English. Any |
| # user-facing error message should be localized and sent in the |
| # google.rpc.Status.details field, or localized by the client. |
| "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| "details": [ # A list of messages that carry the error details. There is a common set of |
| # message types for APIs to use. |
| { |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| ], |
| }, |
| "response": { # The normal response of the operation in case of success. If the original |
| # method returns no data on success, such as `Delete`, the response is |
| # `google.protobuf.Empty`. If the original method is standard |
| # `Get`/`Create`/`Update`, the response should be the resource. For other |
| # methods, the response should have the type `XxxResponse`, where `Xxx` |
| # is the original method name. For example, if the original method name |
| # is `TakeSnapshot()`, the inferred response type is |
| # `TakeSnapshotResponse`. |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| "name": "A String", # The server-assigned name, which is only unique within the same service that |
| # originally returns it. If you use the default HTTP mapping, the |
| # `name` should be a resource name ending with `operations/{unique_id}`. |
| "metadata": { # Service-specific metadata associated with the operation. It typically |
| # contains progress information and common metadata such as create time. |
| # Some services might not provide such metadata. Any method that returns a |
| # long-running operation should document the metadata type, if any. |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="delete">delete(name, x__xgafv=None)</code> |
| <pre>Deletes a function with the given name from the specified project. If the |
| given function is used by some trigger, the trigger will be updated to |
| remove this function. |
| |
| Args: |
| name: string, Required. The name of the function which should be deleted. (required) |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # This resource represents a long-running operation that is the result of a |
| # network API call. |
| "done": True or False, # If the value is `false`, it means the operation is still in progress. |
| # If `true`, the operation is completed, and either `error` or `response` is |
| # available. |
| "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation. |
| # different programming environments, including REST APIs and RPC APIs. It is |
| # used by [gRPC](https://github.com/grpc). Each `Status` message contains |
| # three pieces of data: error code, error message, and error details. |
| # |
| # You can find out more about this error model and how to work with it in the |
| # [API Design Guide](https://cloud.google.com/apis/design/errors). |
| "message": "A String", # A developer-facing error message, which should be in English. Any |
| # user-facing error message should be localized and sent in the |
| # google.rpc.Status.details field, or localized by the client. |
| "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| "details": [ # A list of messages that carry the error details. There is a common set of |
| # message types for APIs to use. |
| { |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| ], |
| }, |
| "response": { # The normal response of the operation in case of success. If the original |
| # method returns no data on success, such as `Delete`, the response is |
| # `google.protobuf.Empty`. If the original method is standard |
| # `Get`/`Create`/`Update`, the response should be the resource. For other |
| # methods, the response should have the type `XxxResponse`, where `Xxx` |
| # is the original method name. For example, if the original method name |
| # is `TakeSnapshot()`, the inferred response type is |
| # `TakeSnapshotResponse`. |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| "name": "A String", # The server-assigned name, which is only unique within the same service that |
| # originally returns it. If you use the default HTTP mapping, the |
| # `name` should be a resource name ending with `operations/{unique_id}`. |
| "metadata": { # Service-specific metadata associated with the operation. It typically |
| # contains progress information and common metadata such as create time. |
| # Some services might not provide such metadata. Any method that returns a |
| # long-running operation should document the metadata type, if any. |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="generateDownloadUrl">generateDownloadUrl(name, body=None, x__xgafv=None)</code> |
| <pre>Returns a signed URL for downloading deployed function source code. |
| The URL is only valid for a limited period and should be used within |
| minutes after generation. |
| For more information about the signed URL usage see: |
| https://cloud.google.com/storage/docs/access-control/signed-urls |
| |
| Args: |
| name: string, The name of function for which source code Google Cloud Storage signed |
| URL should be generated. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Request of `GenerateDownloadUrl` method. |
| "versionId": "A String", # The optional version of function. If not set, default, current version |
| # is used. |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Response of `GenerateDownloadUrl` method. |
| "downloadUrl": "A String", # The generated Google Cloud Storage signed URL that should be used for |
| # function source code download. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="generateUploadUrl">generateUploadUrl(parent, body=None, x__xgafv=None)</code> |
| <pre>Returns a signed URL for uploading a function source code. |
| For more information about the signed URL usage see: |
| https://cloud.google.com/storage/docs/access-control/signed-urls. |
| Once the function source code upload is complete, the used signed |
| URL should be provided in CreateFunction or UpdateFunction request |
| as a reference to the function source code. |
| |
| When uploading source code to the generated signed URL, please follow |
| these restrictions: |
| |
| * Source file type should be a zip file. |
| * Source file size should not exceed 100MB limit. |
| * No credentials should be attached - the signed URLs provide access to the |
| target bucket using internal service identity; if credentials were |
| attached, the identity from the credentials would be used, but that |
| identity does not have permissions to upload files to the URL. |
| |
| When making a HTTP PUT request, these two headers need to be specified: |
| |
| * `content-type: application/zip` |
| * `x-goog-content-length-range: 0,104857600` |
| |
| And this header SHOULD NOT be specified: |
| |
| * `Authorization: Bearer YOUR_TOKEN` |
| |
| Args: |
| parent: string, The project and location in which the Google Cloud Storage signed URL |
| should be generated, specified in the format `projects/*/locations/*`. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Request of `GenerateSourceUploadUrl` method. |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Response of `GenerateSourceUploadUrl` method. |
| "uploadUrl": "A String", # The generated Google Cloud Storage signed URL that should be used for a |
| # function source code upload. The uploaded file should be a zip archive |
| # which contains a function. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="get">get(name, x__xgafv=None)</code> |
| <pre>Returns a function with the given name from the requested project. |
| |
| Args: |
| name: string, Required. The name of the function which details should be obtained. (required) |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Describes a Cloud Function that contains user computation executed in |
| # response to an event. It encapsulate function and triggers configurations. |
| "updateTime": "A String", # Output only. The last update timestamp of a Cloud Function. |
| "runtime": "A String", # The runtime in which to run the function. Required when deploying a new |
| # function, optional when updating an existing function. For a complete |
| # list of possible choices, see the |
| # [`gcloud` command |
| # reference](/sdk/gcloud/reference/functions/deploy#--runtime). |
| "buildId": "A String", # Output only. The Cloud Build ID of the latest successful deployment of the |
| # function. |
| "serviceAccountEmail": "A String", # The email of the function's service account. If empty, defaults to |
| # `{project_id}@appspot.gserviceaccount.com`. |
| "name": "A String", # A user-defined name of the function. Function names must be unique |
| # globally and match pattern `projects/*/locations/*/functions/*` |
| "eventTrigger": { # Describes EventTrigger, used to request events be sent from another # A source that fires events in response to a condition in another service. |
| # service. |
| "service": "A String", # The hostname of the service that should be observed. |
| # |
| # If no string is provided, the default service implementing the API will |
| # be used. For example, `storage.googleapis.com` is the default for all |
| # event types in the `google.storage` namespace. |
| "eventType": "A String", # Required. The type of event to observe. For example: |
| # `providers/cloud.storage/eventTypes/object.change` and |
| # `providers/cloud.pubsub/eventTypes/topic.publish`. |
| # |
| # Event types match pattern `providers/*/eventTypes/*.*`. |
| # The pattern contains: |
| # |
| # 1. namespace: For example, `cloud.storage` and |
| # `google.firebase.analytics`. |
| # 2. resource type: The type of resource on which event occurs. For |
| # example, the Google Cloud Storage API includes the type `object`. |
| # 3. action: The action that generates the event. For example, action for |
| # a Google Cloud Storage Object is 'change'. |
| # These parts are lower case. |
| "resource": "A String", # Required. The resource(s) from which to observe events, for example, |
| # `projects/_/buckets/myBucket`. |
| # |
| # Not all syntactically correct values are accepted by all services. For |
| # example: |
| # |
| # 1. The authorization model must support it. Google Cloud Functions |
| # only allows EventTriggers to be deployed that observe resources in the |
| # same project as the `CloudFunction`. |
| # 2. The resource type must match the pattern expected for an |
| # `event_type`. For example, an `EventTrigger` that has an |
| # `event_type` of "google.pubsub.topic.publish" should have a resource |
| # that matches Google Cloud Pub/Sub topics. |
| # |
| # Additionally, some services may support short names when creating an |
| # `EventTrigger`. These will always be returned in the normalized "long" |
| # format. |
| # |
| # See each *service's* documentation for supported formats. |
| "failurePolicy": { # Describes the policy in case of function's execution failure. # Specifies policy for failed executions. |
| # If empty, then defaults to ignoring failures (i.e. not retrying them). |
| "retry": { # Describes the retry policy in case of function's execution failure. # If specified, then the function will be retried in case of a failure. |
| # A function execution will be retried on any failure. |
| # A failed execution will be retried up to 7 days with an exponential backoff |
| # (capped at 10 seconds). |
| # Retried execution is charged as any other execution. |
| }, |
| }, |
| }, |
| "entryPoint": "A String", # The name of the function (as defined in source code) that will be |
| # executed. Defaults to the resource name suffix, if not specified. For |
| # backward compatibility, if function with given name is not found, then the |
| # system will try to use function named "function". |
| # For Node.js this is name of a function exported by the module specified |
| # in `source_location`. |
| "vpcConnector": "A String", # The VPC Network Connector that this cloud function can connect to. It can |
| # be either the fully-qualified URI, or the short name of the network |
| # connector resource. The format of this field is |
| # `projects/*/locations/*/connectors/*` |
| # |
| # This field is mutually exclusive with `network` field and will eventually |
| # replace it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "network": "A String", # The VPC Network that this cloud function can connect to. It can be |
| # either the fully-qualified URI, or the short name of the network resource. |
| # If the short network name is used, the network must belong to the same |
| # project. Otherwise, it must belong to a project within the same |
| # organization. The format of this field is either |
| # `projects/{project}/global/networks/{network}` or `{network}`, where |
| # {project} is a project id where the network is defined, and {network} is |
| # the short name of the network. |
| # |
| # This field is mutually exclusive with `vpc_connector` and will be replaced |
| # by it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "sourceArchiveUrl": "A String", # The Google Cloud Storage URL, starting with gs://, pointing to the zip |
| # archive which contains the function. |
| "httpsTrigger": { # Describes HttpsTrigger, could be used to connect web hooks to function. # An HTTPS endpoint type of source that can be triggered via URL. |
| "url": "A String", # Output only. The deployed url for the function. |
| }, |
| "vpcConnectorEgressSettings": "A String", # The egress settings for the connector, controlling what traffic is diverted |
| # through it. |
| "status": "A String", # Output only. Status of the function deployment. |
| "description": "A String", # User-provided description of a function. |
| "timeout": "A String", # The function execution timeout. Execution is considered failed and |
| # can be terminated if the function is not completed at the end of the |
| # timeout period. Defaults to 60 seconds. |
| "labels": { # Labels associated with this Cloud Function. |
| "a_key": "A String", |
| }, |
| "versionId": "A String", # Output only. The version identifier of the Cloud Function. Each deployment attempt |
| # results in a new version of a function being created. |
| "sourceRepository": { # Describes SourceRepository, used to represent parameters related to # **Beta Feature** |
| # |
| # The source repository where a function is hosted. |
| # source repository where a function is hosted. |
| "url": "A String", # The URL pointing to the hosted repository where the function is defined. |
| # There are supported Cloud Source Repository URLs in the following |
| # formats: |
| # |
| # To refer to a specific commit: |
| # `https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*` |
| # To refer to a moveable alias (branch): |
| # `https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*` |
| # In particular, to refer to HEAD use `master` moveable alias. |
| # To refer to a specific fixed alias (tag): |
| # `https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*` |
| # |
| # You may omit `paths/*` if you want to use the main directory. |
| "deployedUrl": "A String", # Output only. The URL pointing to the hosted repository where the function |
| # were defined at the time of deployment. It always points to a specific |
| # commit in the format described above. |
| }, |
| "sourceUploadUrl": "A String", # The Google Cloud Storage signed URL used for source uploading, generated |
| # by google.cloud.functions.v1.GenerateUploadUrl |
| "availableMemoryMb": 42, # The amount of memory in MB available for a function. |
| # Defaults to 256MB. |
| "environmentVariables": { # Environment variables that shall be available during function execution. |
| "a_key": "A String", |
| }, |
| "maxInstances": 42, # The limit on the maximum number of function instances that may coexist at a |
| # given time. |
| "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach |
| # it. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</code> |
| <pre>Gets the IAM access control policy for a function. |
| Returns an empty policy if the function exists and does not have a policy |
| set. |
| |
| Args: |
| resource: string, REQUIRED: The resource for which the policy is being requested. |
| See the operation documentation for the appropriate value for this field. (required) |
| options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. |
| |
| Valid values are 0, 1, and 3. Requests specifying an invalid value will be |
| rejected. |
| |
| Requests for policies with any conditional bindings must specify version 3. |
| Policies without any conditional bindings may specify any valid value or |
| leave the field unset. |
| |
| To learn which resources support conditions in their IAM policies, see the |
| [IAM |
| documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # An Identity and Access Management (IAM) policy, which specifies access |
| # controls for Google Cloud resources. |
| # |
| # |
| # A `Policy` is a collection of `bindings`. A `binding` binds one or more |
| # `members` to a single `role`. Members can be user accounts, service accounts, |
| # Google groups, and domains (such as G Suite). A `role` is a named list of |
| # permissions; each `role` can be an IAM predefined role or a user-created |
| # custom role. |
| # |
| # For some types of Google Cloud resources, a `binding` can also specify a |
| # `condition`, which is a logical expression that allows access to a resource |
| # only if the expression evaluates to `true`. A condition can add constraints |
| # based on attributes of the request, the resource, or both. To learn which |
| # resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # |
| # **JSON example:** |
| # |
| # { |
| # "bindings": [ |
| # { |
| # "role": "roles/resourcemanager.organizationAdmin", |
| # "members": [ |
| # "user:mike@example.com", |
| # "group:admins@example.com", |
| # "domain:google.com", |
| # "serviceAccount:my-project-id@appspot.gserviceaccount.com" |
| # ] |
| # }, |
| # { |
| # "role": "roles/resourcemanager.organizationViewer", |
| # "members": [ |
| # "user:eve@example.com" |
| # ], |
| # "condition": { |
| # "title": "expirable access", |
| # "description": "Does not grant access after Sep 2020", |
| # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", |
| # } |
| # } |
| # ], |
| # "etag": "BwWWja0YfJA=", |
| # "version": 3 |
| # } |
| # |
| # **YAML example:** |
| # |
| # bindings: |
| # - members: |
| # - user:mike@example.com |
| # - group:admins@example.com |
| # - domain:google.com |
| # - serviceAccount:my-project-id@appspot.gserviceaccount.com |
| # role: roles/resourcemanager.organizationAdmin |
| # - members: |
| # - user:eve@example.com |
| # role: roles/resourcemanager.organizationViewer |
| # condition: |
| # title: expirable access |
| # description: Does not grant access after Sep 2020 |
| # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') |
| # - etag: BwWWja0YfJA= |
| # - version: 3 |
| # |
| # For a description of IAM and its features, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/). |
| "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. |
| { # Specifies the audit configuration for a service. |
| # The configuration determines which permission types are logged, and what |
| # identities, if any, are exempted from logging. |
| # An AuditConfig must have one or more AuditLogConfigs. |
| # |
| # If there are AuditConfigs for both `allServices` and a specific service, |
| # the union of the two AuditConfigs is used for that service: the log_types |
| # specified in each AuditConfig are enabled, and the exempted_members in each |
| # AuditLogConfig are exempted. |
| # |
| # Example Policy with multiple AuditConfigs: |
| # |
| # { |
| # "audit_configs": [ |
| # { |
| # "service": "allServices", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:jose@example.com" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # }, |
| # { |
| # "log_type": "ADMIN_READ" |
| # } |
| # ] |
| # }, |
| # { |
| # "service": "sampleservice.googleapis.com", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ" |
| # }, |
| # { |
| # "log_type": "DATA_WRITE", |
| # "exempted_members": [ |
| # "user:aliya@example.com" |
| # ] |
| # } |
| # ] |
| # } |
| # ] |
| # } |
| # |
| # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ |
| # logging. It also exempts jose@example.com from DATA_READ logging, and |
| # aliya@example.com from DATA_WRITE logging. |
| "service": "A String", # Specifies a service that will be enabled for audit logging. |
| # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. |
| # `allServices` is a special value that covers all services. |
| "auditLogConfigs": [ # The configuration for logging of each type of permission. |
| { # Provides the configuration for logging a type of permissions. |
| # Example: |
| # |
| # { |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:jose@example.com" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # } |
| # ] |
| # } |
| # |
| # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting |
| # jose@example.com from DATA_READ logging. |
| "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of |
| # permission. |
| # Follows the same format of Binding.members. |
| "A String", |
| ], |
| "logType": "A String", # The log type that this config enables. |
| }, |
| ], |
| }, |
| ], |
| "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help |
| # prevent simultaneous updates of a policy from overwriting each other. |
| # It is strongly suggested that systems make use of the `etag` in the |
| # read-modify-write cycle to perform policy updates in order to avoid race |
| # conditions: An `etag` is returned in the response to `getIamPolicy`, and |
| # systems are expected to put that etag in the request to `setIamPolicy` to |
| # ensure that their change will be applied to the same version of the policy. |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a |
| # `condition` that determines how and when the `bindings` are applied. Each |
| # of the `bindings` must contain at least one member. |
| { # Associates `members` with a `role`. |
| "condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding. |
| # |
| # If the condition evaluates to `true`, then this binding applies to the |
| # current request. |
| # |
| # If the condition evaluates to `false`, then this binding does not apply to |
| # the current request. However, a different role binding might grant the same |
| # role to one or more of the members in this binding. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM |
| # documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| # are documented at https://github.com/google/cel-spec. |
| # |
| # Example (Comparison): |
| # |
| # title: "Summary size limit" |
| # description: "Determines if a summary is less than 100 chars" |
| # expression: "document.summary.size() < 100" |
| # |
| # Example (Equality): |
| # |
| # title: "Requestor is owner" |
| # description: "Determines if requestor is the document owner" |
| # expression: "document.owner == request.auth.claims.email" |
| # |
| # Example (Logic): |
| # |
| # title: "Public documents" |
| # description: "Determine whether the document should be publicly visible" |
| # expression: "document.type != 'private' && document.type != 'internal'" |
| # |
| # Example (Data Manipulation): |
| # |
| # title: "Notification string" |
| # description: "Create a notification string with a timestamp." |
| # expression: "'New message received at ' + string(document.create_time)" |
| # |
| # The exact variables and functions that may be referenced within an expression |
| # are determined by the service that evaluates it. See the service |
| # documentation for additional information. |
| "description": "A String", # Optional. Description of the expression. This is a longer text which |
| # describes the expression, e.g. when hovered over it in a UI. |
| "location": "A String", # Optional. String indicating the location of the expression for error |
| # reporting, e.g. a file name and a position in the file. |
| "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| # its purpose. This can be used e.g. in UIs which allow to enter the |
| # expression. |
| "expression": "A String", # Textual representation of an expression in Common Expression Language |
| # syntax. |
| }, |
| "role": "A String", # Role that is assigned to `members`. |
| # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. |
| "members": [ # Specifies the identities requesting access for a Cloud Platform resource. |
| # `members` can have the following values: |
| # |
| # * `allUsers`: A special identifier that represents anyone who is |
| # on the internet; with or without a Google account. |
| # |
| # * `allAuthenticatedUsers`: A special identifier that represents anyone |
| # who is authenticated with a Google account or a service account. |
| # |
| # * `user:{emailid}`: An email address that represents a specific Google |
| # account. For example, `alice@example.com` . |
| # |
| # |
| # * `serviceAccount:{emailid}`: An email address that represents a service |
| # account. For example, `my-other-app@appspot.gserviceaccount.com`. |
| # |
| # * `group:{emailid}`: An email address that represents a Google group. |
| # For example, `admins@example.com`. |
| # |
| # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a user that has been recently deleted. For |
| # example, `alice@example.com?uid=123456789012345678901`. If the user is |
| # recovered, this value reverts to `user:{emailid}` and the recovered user |
| # retains the role in the binding. |
| # |
| # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| # unique identifier) representing a service account that has been recently |
| # deleted. For example, |
| # `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. |
| # If the service account is undeleted, this value reverts to |
| # `serviceAccount:{emailid}` and the undeleted service account retains the |
| # role in the binding. |
| # |
| # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a Google group that has been recently |
| # deleted. For example, `admins@example.com?uid=123456789012345678901`. If |
| # the group is recovered, this value reverts to `group:{emailid}` and the |
| # recovered group retains the role in the binding. |
| # |
| # |
| # * `domain:{domain}`: The G Suite domain (primary) that represents all the |
| # users of that domain. For example, `google.com` or `example.com`. |
| # |
| "A String", |
| ], |
| }, |
| ], |
| "version": 42, # Specifies the format of the policy. |
| # |
| # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value |
| # are rejected. |
| # |
| # Any operation that affects conditional role bindings must specify version |
| # `3`. This requirement applies to the following operations: |
| # |
| # * Getting a policy that includes a conditional role binding |
| # * Adding a conditional role binding to a policy |
| # * Changing a conditional role binding in a policy |
| # * Removing any role binding, with or without a condition, from a policy |
| # that includes conditions |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| # |
| # If a policy does not include any conditions, operations on that policy may |
| # specify any valid version or leave the field unset. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code> |
| <pre>Returns a list of functions that belong to the requested project. |
| |
| Args: |
| parent: string, The project and location from which the function should be listed, |
| specified in the format `projects/*/locations/*` |
| If you want to list functions in all locations, use "-" in place of a |
| location. When listing functions in all locations, if one or more |
| location(s) are unreachable, the response will contain functions from all |
| reachable locations along with the names of any unreachable locations. (required) |
| pageSize: integer, Maximum number of functions to return per call. |
| pageToken: string, The value returned by the last |
| `ListFunctionsResponse`; indicates that |
| this is a continuation of a prior `ListFunctions` call, and that the |
| system should return the next page of data. |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Response for the `ListFunctions` method. |
| "functions": [ # The functions that match the request. |
| { # Describes a Cloud Function that contains user computation executed in |
| # response to an event. It encapsulate function and triggers configurations. |
| "updateTime": "A String", # Output only. The last update timestamp of a Cloud Function. |
| "runtime": "A String", # The runtime in which to run the function. Required when deploying a new |
| # function, optional when updating an existing function. For a complete |
| # list of possible choices, see the |
| # [`gcloud` command |
| # reference](/sdk/gcloud/reference/functions/deploy#--runtime). |
| "buildId": "A String", # Output only. The Cloud Build ID of the latest successful deployment of the |
| # function. |
| "serviceAccountEmail": "A String", # The email of the function's service account. If empty, defaults to |
| # `{project_id}@appspot.gserviceaccount.com`. |
| "name": "A String", # A user-defined name of the function. Function names must be unique |
| # globally and match pattern `projects/*/locations/*/functions/*` |
| "eventTrigger": { # Describes EventTrigger, used to request events be sent from another # A source that fires events in response to a condition in another service. |
| # service. |
| "service": "A String", # The hostname of the service that should be observed. |
| # |
| # If no string is provided, the default service implementing the API will |
| # be used. For example, `storage.googleapis.com` is the default for all |
| # event types in the `google.storage` namespace. |
| "eventType": "A String", # Required. The type of event to observe. For example: |
| # `providers/cloud.storage/eventTypes/object.change` and |
| # `providers/cloud.pubsub/eventTypes/topic.publish`. |
| # |
| # Event types match pattern `providers/*/eventTypes/*.*`. |
| # The pattern contains: |
| # |
| # 1. namespace: For example, `cloud.storage` and |
| # `google.firebase.analytics`. |
| # 2. resource type: The type of resource on which event occurs. For |
| # example, the Google Cloud Storage API includes the type `object`. |
| # 3. action: The action that generates the event. For example, action for |
| # a Google Cloud Storage Object is 'change'. |
| # These parts are lower case. |
| "resource": "A String", # Required. The resource(s) from which to observe events, for example, |
| # `projects/_/buckets/myBucket`. |
| # |
| # Not all syntactically correct values are accepted by all services. For |
| # example: |
| # |
| # 1. The authorization model must support it. Google Cloud Functions |
| # only allows EventTriggers to be deployed that observe resources in the |
| # same project as the `CloudFunction`. |
| # 2. The resource type must match the pattern expected for an |
| # `event_type`. For example, an `EventTrigger` that has an |
| # `event_type` of "google.pubsub.topic.publish" should have a resource |
| # that matches Google Cloud Pub/Sub topics. |
| # |
| # Additionally, some services may support short names when creating an |
| # `EventTrigger`. These will always be returned in the normalized "long" |
| # format. |
| # |
| # See each *service's* documentation for supported formats. |
| "failurePolicy": { # Describes the policy in case of function's execution failure. # Specifies policy for failed executions. |
| # If empty, then defaults to ignoring failures (i.e. not retrying them). |
| "retry": { # Describes the retry policy in case of function's execution failure. # If specified, then the function will be retried in case of a failure. |
| # A function execution will be retried on any failure. |
| # A failed execution will be retried up to 7 days with an exponential backoff |
| # (capped at 10 seconds). |
| # Retried execution is charged as any other execution. |
| }, |
| }, |
| }, |
| "entryPoint": "A String", # The name of the function (as defined in source code) that will be |
| # executed. Defaults to the resource name suffix, if not specified. For |
| # backward compatibility, if function with given name is not found, then the |
| # system will try to use function named "function". |
| # For Node.js this is name of a function exported by the module specified |
| # in `source_location`. |
| "vpcConnector": "A String", # The VPC Network Connector that this cloud function can connect to. It can |
| # be either the fully-qualified URI, or the short name of the network |
| # connector resource. The format of this field is |
| # `projects/*/locations/*/connectors/*` |
| # |
| # This field is mutually exclusive with `network` field and will eventually |
| # replace it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "network": "A String", # The VPC Network that this cloud function can connect to. It can be |
| # either the fully-qualified URI, or the short name of the network resource. |
| # If the short network name is used, the network must belong to the same |
| # project. Otherwise, it must belong to a project within the same |
| # organization. The format of this field is either |
| # `projects/{project}/global/networks/{network}` or `{network}`, where |
| # {project} is a project id where the network is defined, and {network} is |
| # the short name of the network. |
| # |
| # This field is mutually exclusive with `vpc_connector` and will be replaced |
| # by it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "sourceArchiveUrl": "A String", # The Google Cloud Storage URL, starting with gs://, pointing to the zip |
| # archive which contains the function. |
| "httpsTrigger": { # Describes HttpsTrigger, could be used to connect web hooks to function. # An HTTPS endpoint type of source that can be triggered via URL. |
| "url": "A String", # Output only. The deployed url for the function. |
| }, |
| "vpcConnectorEgressSettings": "A String", # The egress settings for the connector, controlling what traffic is diverted |
| # through it. |
| "status": "A String", # Output only. Status of the function deployment. |
| "description": "A String", # User-provided description of a function. |
| "timeout": "A String", # The function execution timeout. Execution is considered failed and |
| # can be terminated if the function is not completed at the end of the |
| # timeout period. Defaults to 60 seconds. |
| "labels": { # Labels associated with this Cloud Function. |
| "a_key": "A String", |
| }, |
| "versionId": "A String", # Output only. The version identifier of the Cloud Function. Each deployment attempt |
| # results in a new version of a function being created. |
| "sourceRepository": { # Describes SourceRepository, used to represent parameters related to # **Beta Feature** |
| # |
| # The source repository where a function is hosted. |
| # source repository where a function is hosted. |
| "url": "A String", # The URL pointing to the hosted repository where the function is defined. |
| # There are supported Cloud Source Repository URLs in the following |
| # formats: |
| # |
| # To refer to a specific commit: |
| # `https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*` |
| # To refer to a moveable alias (branch): |
| # `https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*` |
| # In particular, to refer to HEAD use `master` moveable alias. |
| # To refer to a specific fixed alias (tag): |
| # `https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*` |
| # |
| # You may omit `paths/*` if you want to use the main directory. |
| "deployedUrl": "A String", # Output only. The URL pointing to the hosted repository where the function |
| # were defined at the time of deployment. It always points to a specific |
| # commit in the format described above. |
| }, |
| "sourceUploadUrl": "A String", # The Google Cloud Storage signed URL used for source uploading, generated |
| # by google.cloud.functions.v1.GenerateUploadUrl |
| "availableMemoryMb": 42, # The amount of memory in MB available for a function. |
| # Defaults to 256MB. |
| "environmentVariables": { # Environment variables that shall be available during function execution. |
| "a_key": "A String", |
| }, |
| "maxInstances": 42, # The limit on the maximum number of function instances that may coexist at a |
| # given time. |
| "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach |
| # it. |
| }, |
| ], |
| "nextPageToken": "A String", # If not empty, indicates that there may be more functions that match |
| # the request; this value should be passed in a new |
| # google.cloud.functions.v1.ListFunctionsRequest |
| # to get more functions. |
| "unreachable": [ # Locations that could not be reached. The response does not include any |
| # functions from these locations. |
| "A String", |
| ], |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="list_next">list_next(previous_request, previous_response)</code> |
| <pre>Retrieves the next page of results. |
| |
| Args: |
| previous_request: The request for the previous page. (required) |
| previous_response: The response from the request for the previous page. (required) |
| |
| Returns: |
| A request object that you can call 'execute()' on to request the next |
| page. Returns None if there are no more items in the collection. |
| </pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code> |
| <pre>Updates existing function. |
| |
| Args: |
| name: string, A user-defined name of the function. Function names must be unique |
| globally and match pattern `projects/*/locations/*/functions/*` (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Describes a Cloud Function that contains user computation executed in |
| # response to an event. It encapsulate function and triggers configurations. |
| "updateTime": "A String", # Output only. The last update timestamp of a Cloud Function. |
| "runtime": "A String", # The runtime in which to run the function. Required when deploying a new |
| # function, optional when updating an existing function. For a complete |
| # list of possible choices, see the |
| # [`gcloud` command |
| # reference](/sdk/gcloud/reference/functions/deploy#--runtime). |
| "buildId": "A String", # Output only. The Cloud Build ID of the latest successful deployment of the |
| # function. |
| "serviceAccountEmail": "A String", # The email of the function's service account. If empty, defaults to |
| # `{project_id}@appspot.gserviceaccount.com`. |
| "name": "A String", # A user-defined name of the function. Function names must be unique |
| # globally and match pattern `projects/*/locations/*/functions/*` |
| "eventTrigger": { # Describes EventTrigger, used to request events be sent from another # A source that fires events in response to a condition in another service. |
| # service. |
| "service": "A String", # The hostname of the service that should be observed. |
| # |
| # If no string is provided, the default service implementing the API will |
| # be used. For example, `storage.googleapis.com` is the default for all |
| # event types in the `google.storage` namespace. |
| "eventType": "A String", # Required. The type of event to observe. For example: |
| # `providers/cloud.storage/eventTypes/object.change` and |
| # `providers/cloud.pubsub/eventTypes/topic.publish`. |
| # |
| # Event types match pattern `providers/*/eventTypes/*.*`. |
| # The pattern contains: |
| # |
| # 1. namespace: For example, `cloud.storage` and |
| # `google.firebase.analytics`. |
| # 2. resource type: The type of resource on which event occurs. For |
| # example, the Google Cloud Storage API includes the type `object`. |
| # 3. action: The action that generates the event. For example, action for |
| # a Google Cloud Storage Object is 'change'. |
| # These parts are lower case. |
| "resource": "A String", # Required. The resource(s) from which to observe events, for example, |
| # `projects/_/buckets/myBucket`. |
| # |
| # Not all syntactically correct values are accepted by all services. For |
| # example: |
| # |
| # 1. The authorization model must support it. Google Cloud Functions |
| # only allows EventTriggers to be deployed that observe resources in the |
| # same project as the `CloudFunction`. |
| # 2. The resource type must match the pattern expected for an |
| # `event_type`. For example, an `EventTrigger` that has an |
| # `event_type` of "google.pubsub.topic.publish" should have a resource |
| # that matches Google Cloud Pub/Sub topics. |
| # |
| # Additionally, some services may support short names when creating an |
| # `EventTrigger`. These will always be returned in the normalized "long" |
| # format. |
| # |
| # See each *service's* documentation for supported formats. |
| "failurePolicy": { # Describes the policy in case of function's execution failure. # Specifies policy for failed executions. |
| # If empty, then defaults to ignoring failures (i.e. not retrying them). |
| "retry": { # Describes the retry policy in case of function's execution failure. # If specified, then the function will be retried in case of a failure. |
| # A function execution will be retried on any failure. |
| # A failed execution will be retried up to 7 days with an exponential backoff |
| # (capped at 10 seconds). |
| # Retried execution is charged as any other execution. |
| }, |
| }, |
| }, |
| "entryPoint": "A String", # The name of the function (as defined in source code) that will be |
| # executed. Defaults to the resource name suffix, if not specified. For |
| # backward compatibility, if function with given name is not found, then the |
| # system will try to use function named "function". |
| # For Node.js this is name of a function exported by the module specified |
| # in `source_location`. |
| "vpcConnector": "A String", # The VPC Network Connector that this cloud function can connect to. It can |
| # be either the fully-qualified URI, or the short name of the network |
| # connector resource. The format of this field is |
| # `projects/*/locations/*/connectors/*` |
| # |
| # This field is mutually exclusive with `network` field and will eventually |
| # replace it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "network": "A String", # The VPC Network that this cloud function can connect to. It can be |
| # either the fully-qualified URI, or the short name of the network resource. |
| # If the short network name is used, the network must belong to the same |
| # project. Otherwise, it must belong to a project within the same |
| # organization. The format of this field is either |
| # `projects/{project}/global/networks/{network}` or `{network}`, where |
| # {project} is a project id where the network is defined, and {network} is |
| # the short name of the network. |
| # |
| # This field is mutually exclusive with `vpc_connector` and will be replaced |
| # by it. |
| # |
| # See [the VPC documentation](https://cloud.google.com/compute/docs/vpc) for |
| # more information on connecting Cloud projects. |
| "sourceArchiveUrl": "A String", # The Google Cloud Storage URL, starting with gs://, pointing to the zip |
| # archive which contains the function. |
| "httpsTrigger": { # Describes HttpsTrigger, could be used to connect web hooks to function. # An HTTPS endpoint type of source that can be triggered via URL. |
| "url": "A String", # Output only. The deployed url for the function. |
| }, |
| "vpcConnectorEgressSettings": "A String", # The egress settings for the connector, controlling what traffic is diverted |
| # through it. |
| "status": "A String", # Output only. Status of the function deployment. |
| "description": "A String", # User-provided description of a function. |
| "timeout": "A String", # The function execution timeout. Execution is considered failed and |
| # can be terminated if the function is not completed at the end of the |
| # timeout period. Defaults to 60 seconds. |
| "labels": { # Labels associated with this Cloud Function. |
| "a_key": "A String", |
| }, |
| "versionId": "A String", # Output only. The version identifier of the Cloud Function. Each deployment attempt |
| # results in a new version of a function being created. |
| "sourceRepository": { # Describes SourceRepository, used to represent parameters related to # **Beta Feature** |
| # |
| # The source repository where a function is hosted. |
| # source repository where a function is hosted. |
| "url": "A String", # The URL pointing to the hosted repository where the function is defined. |
| # There are supported Cloud Source Repository URLs in the following |
| # formats: |
| # |
| # To refer to a specific commit: |
| # `https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*` |
| # To refer to a moveable alias (branch): |
| # `https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*` |
| # In particular, to refer to HEAD use `master` moveable alias. |
| # To refer to a specific fixed alias (tag): |
| # `https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*` |
| # |
| # You may omit `paths/*` if you want to use the main directory. |
| "deployedUrl": "A String", # Output only. The URL pointing to the hosted repository where the function |
| # were defined at the time of deployment. It always points to a specific |
| # commit in the format described above. |
| }, |
| "sourceUploadUrl": "A String", # The Google Cloud Storage signed URL used for source uploading, generated |
| # by google.cloud.functions.v1.GenerateUploadUrl |
| "availableMemoryMb": 42, # The amount of memory in MB available for a function. |
| # Defaults to 256MB. |
| "environmentVariables": { # Environment variables that shall be available during function execution. |
| "a_key": "A String", |
| }, |
| "maxInstances": 42, # The limit on the maximum number of function instances that may coexist at a |
| # given time. |
| "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach |
| # it. |
| } |
| |
| updateMask: string, Required list of fields to be updated in this request. |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # This resource represents a long-running operation that is the result of a |
| # network API call. |
| "done": True or False, # If the value is `false`, it means the operation is still in progress. |
| # If `true`, the operation is completed, and either `error` or `response` is |
| # available. |
| "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation. |
| # different programming environments, including REST APIs and RPC APIs. It is |
| # used by [gRPC](https://github.com/grpc). Each `Status` message contains |
| # three pieces of data: error code, error message, and error details. |
| # |
| # You can find out more about this error model and how to work with it in the |
| # [API Design Guide](https://cloud.google.com/apis/design/errors). |
| "message": "A String", # A developer-facing error message, which should be in English. Any |
| # user-facing error message should be localized and sent in the |
| # google.rpc.Status.details field, or localized by the client. |
| "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| "details": [ # A list of messages that carry the error details. There is a common set of |
| # message types for APIs to use. |
| { |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| ], |
| }, |
| "response": { # The normal response of the operation in case of success. If the original |
| # method returns no data on success, such as `Delete`, the response is |
| # `google.protobuf.Empty`. If the original method is standard |
| # `Get`/`Create`/`Update`, the response should be the resource. For other |
| # methods, the response should have the type `XxxResponse`, where `Xxx` |
| # is the original method name. For example, if the original method name |
| # is `TakeSnapshot()`, the inferred response type is |
| # `TakeSnapshotResponse`. |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| "name": "A String", # The server-assigned name, which is only unique within the same service that |
| # originally returns it. If you use the default HTTP mapping, the |
| # `name` should be a resource name ending with `operations/{unique_id}`. |
| "metadata": { # Service-specific metadata associated with the operation. It typically |
| # contains progress information and common metadata such as create time. |
| # Some services might not provide such metadata. Any method that returns a |
| # long-running operation should document the metadata type, if any. |
| "a_key": "", # Properties of the object. Contains field @type with type URL. |
| }, |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</code> |
| <pre>Sets the IAM access control policy on the specified function. |
| Replaces any existing policy. |
| |
| Args: |
| resource: string, REQUIRED: The resource for which the policy is being specified. |
| See the operation documentation for the appropriate value for this field. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Request message for `SetIamPolicy` method. |
| "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only |
| # the fields in the mask will be modified. If no mask is provided, the |
| # following default mask is used: |
| # |
| # `paths: "bindings, etag"` |
| "policy": { # An Identity and Access Management (IAM) policy, which specifies access # REQUIRED: The complete policy to be applied to the `resource`. The size of |
| # the policy is limited to a few 10s of KB. An empty policy is a |
| # valid policy but certain Cloud Platform services (such as Projects) |
| # might reject them. |
| # controls for Google Cloud resources. |
| # |
| # |
| # A `Policy` is a collection of `bindings`. A `binding` binds one or more |
| # `members` to a single `role`. Members can be user accounts, service accounts, |
| # Google groups, and domains (such as G Suite). A `role` is a named list of |
| # permissions; each `role` can be an IAM predefined role or a user-created |
| # custom role. |
| # |
| # For some types of Google Cloud resources, a `binding` can also specify a |
| # `condition`, which is a logical expression that allows access to a resource |
| # only if the expression evaluates to `true`. A condition can add constraints |
| # based on attributes of the request, the resource, or both. To learn which |
| # resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # |
| # **JSON example:** |
| # |
| # { |
| # "bindings": [ |
| # { |
| # "role": "roles/resourcemanager.organizationAdmin", |
| # "members": [ |
| # "user:mike@example.com", |
| # "group:admins@example.com", |
| # "domain:google.com", |
| # "serviceAccount:my-project-id@appspot.gserviceaccount.com" |
| # ] |
| # }, |
| # { |
| # "role": "roles/resourcemanager.organizationViewer", |
| # "members": [ |
| # "user:eve@example.com" |
| # ], |
| # "condition": { |
| # "title": "expirable access", |
| # "description": "Does not grant access after Sep 2020", |
| # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", |
| # } |
| # } |
| # ], |
| # "etag": "BwWWja0YfJA=", |
| # "version": 3 |
| # } |
| # |
| # **YAML example:** |
| # |
| # bindings: |
| # - members: |
| # - user:mike@example.com |
| # - group:admins@example.com |
| # - domain:google.com |
| # - serviceAccount:my-project-id@appspot.gserviceaccount.com |
| # role: roles/resourcemanager.organizationAdmin |
| # - members: |
| # - user:eve@example.com |
| # role: roles/resourcemanager.organizationViewer |
| # condition: |
| # title: expirable access |
| # description: Does not grant access after Sep 2020 |
| # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') |
| # - etag: BwWWja0YfJA= |
| # - version: 3 |
| # |
| # For a description of IAM and its features, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/). |
| "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. |
| { # Specifies the audit configuration for a service. |
| # The configuration determines which permission types are logged, and what |
| # identities, if any, are exempted from logging. |
| # An AuditConfig must have one or more AuditLogConfigs. |
| # |
| # If there are AuditConfigs for both `allServices` and a specific service, |
| # the union of the two AuditConfigs is used for that service: the log_types |
| # specified in each AuditConfig are enabled, and the exempted_members in each |
| # AuditLogConfig are exempted. |
| # |
| # Example Policy with multiple AuditConfigs: |
| # |
| # { |
| # "audit_configs": [ |
| # { |
| # "service": "allServices", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:jose@example.com" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # }, |
| # { |
| # "log_type": "ADMIN_READ" |
| # } |
| # ] |
| # }, |
| # { |
| # "service": "sampleservice.googleapis.com", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ" |
| # }, |
| # { |
| # "log_type": "DATA_WRITE", |
| # "exempted_members": [ |
| # "user:aliya@example.com" |
| # ] |
| # } |
| # ] |
| # } |
| # ] |
| # } |
| # |
| # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ |
| # logging. It also exempts jose@example.com from DATA_READ logging, and |
| # aliya@example.com from DATA_WRITE logging. |
| "service": "A String", # Specifies a service that will be enabled for audit logging. |
| # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. |
| # `allServices` is a special value that covers all services. |
| "auditLogConfigs": [ # The configuration for logging of each type of permission. |
| { # Provides the configuration for logging a type of permissions. |
| # Example: |
| # |
| # { |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:jose@example.com" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # } |
| # ] |
| # } |
| # |
| # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting |
| # jose@example.com from DATA_READ logging. |
| "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of |
| # permission. |
| # Follows the same format of Binding.members. |
| "A String", |
| ], |
| "logType": "A String", # The log type that this config enables. |
| }, |
| ], |
| }, |
| ], |
| "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help |
| # prevent simultaneous updates of a policy from overwriting each other. |
| # It is strongly suggested that systems make use of the `etag` in the |
| # read-modify-write cycle to perform policy updates in order to avoid race |
| # conditions: An `etag` is returned in the response to `getIamPolicy`, and |
| # systems are expected to put that etag in the request to `setIamPolicy` to |
| # ensure that their change will be applied to the same version of the policy. |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a |
| # `condition` that determines how and when the `bindings` are applied. Each |
| # of the `bindings` must contain at least one member. |
| { # Associates `members` with a `role`. |
| "condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding. |
| # |
| # If the condition evaluates to `true`, then this binding applies to the |
| # current request. |
| # |
| # If the condition evaluates to `false`, then this binding does not apply to |
| # the current request. However, a different role binding might grant the same |
| # role to one or more of the members in this binding. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM |
| # documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| # are documented at https://github.com/google/cel-spec. |
| # |
| # Example (Comparison): |
| # |
| # title: "Summary size limit" |
| # description: "Determines if a summary is less than 100 chars" |
| # expression: "document.summary.size() < 100" |
| # |
| # Example (Equality): |
| # |
| # title: "Requestor is owner" |
| # description: "Determines if requestor is the document owner" |
| # expression: "document.owner == request.auth.claims.email" |
| # |
| # Example (Logic): |
| # |
| # title: "Public documents" |
| # description: "Determine whether the document should be publicly visible" |
| # expression: "document.type != 'private' && document.type != 'internal'" |
| # |
| # Example (Data Manipulation): |
| # |
| # title: "Notification string" |
| # description: "Create a notification string with a timestamp." |
| # expression: "'New message received at ' + string(document.create_time)" |
| # |
| # The exact variables and functions that may be referenced within an expression |
| # are determined by the service that evaluates it. See the service |
| # documentation for additional information. |
| "description": "A String", # Optional. Description of the expression. This is a longer text which |
| # describes the expression, e.g. when hovered over it in a UI. |
| "location": "A String", # Optional. String indicating the location of the expression for error |
| # reporting, e.g. a file name and a position in the file. |
| "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| # its purpose. This can be used e.g. in UIs which allow to enter the |
| # expression. |
| "expression": "A String", # Textual representation of an expression in Common Expression Language |
| # syntax. |
| }, |
| "role": "A String", # Role that is assigned to `members`. |
| # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. |
| "members": [ # Specifies the identities requesting access for a Cloud Platform resource. |
| # `members` can have the following values: |
| # |
| # * `allUsers`: A special identifier that represents anyone who is |
| # on the internet; with or without a Google account. |
| # |
| # * `allAuthenticatedUsers`: A special identifier that represents anyone |
| # who is authenticated with a Google account or a service account. |
| # |
| # * `user:{emailid}`: An email address that represents a specific Google |
| # account. For example, `alice@example.com` . |
| # |
| # |
| # * `serviceAccount:{emailid}`: An email address that represents a service |
| # account. For example, `my-other-app@appspot.gserviceaccount.com`. |
| # |
| # * `group:{emailid}`: An email address that represents a Google group. |
| # For example, `admins@example.com`. |
| # |
| # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a user that has been recently deleted. For |
| # example, `alice@example.com?uid=123456789012345678901`. If the user is |
| # recovered, this value reverts to `user:{emailid}` and the recovered user |
| # retains the role in the binding. |
| # |
| # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| # unique identifier) representing a service account that has been recently |
| # deleted. For example, |
| # `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. |
| # If the service account is undeleted, this value reverts to |
| # `serviceAccount:{emailid}` and the undeleted service account retains the |
| # role in the binding. |
| # |
| # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a Google group that has been recently |
| # deleted. For example, `admins@example.com?uid=123456789012345678901`. If |
| # the group is recovered, this value reverts to `group:{emailid}` and the |
| # recovered group retains the role in the binding. |
| # |
| # |
| # * `domain:{domain}`: The G Suite domain (primary) that represents all the |
| # users of that domain. For example, `google.com` or `example.com`. |
| # |
| "A String", |
| ], |
| }, |
| ], |
| "version": 42, # Specifies the format of the policy. |
| # |
| # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value |
| # are rejected. |
| # |
| # Any operation that affects conditional role bindings must specify version |
| # `3`. This requirement applies to the following operations: |
| # |
| # * Getting a policy that includes a conditional role binding |
| # * Adding a conditional role binding to a policy |
| # * Changing a conditional role binding in a policy |
| # * Removing any role binding, with or without a condition, from a policy |
| # that includes conditions |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| # |
| # If a policy does not include any conditions, operations on that policy may |
| # specify any valid version or leave the field unset. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| }, |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # An Identity and Access Management (IAM) policy, which specifies access |
| # controls for Google Cloud resources. |
| # |
| # |
| # A `Policy` is a collection of `bindings`. A `binding` binds one or more |
| # `members` to a single `role`. Members can be user accounts, service accounts, |
| # Google groups, and domains (such as G Suite). A `role` is a named list of |
| # permissions; each `role` can be an IAM predefined role or a user-created |
| # custom role. |
| # |
| # For some types of Google Cloud resources, a `binding` can also specify a |
| # `condition`, which is a logical expression that allows access to a resource |
| # only if the expression evaluates to `true`. A condition can add constraints |
| # based on attributes of the request, the resource, or both. To learn which |
| # resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # |
| # **JSON example:** |
| # |
| # { |
| # "bindings": [ |
| # { |
| # "role": "roles/resourcemanager.organizationAdmin", |
| # "members": [ |
| # "user:mike@example.com", |
| # "group:admins@example.com", |
| # "domain:google.com", |
| # "serviceAccount:my-project-id@appspot.gserviceaccount.com" |
| # ] |
| # }, |
| # { |
| # "role": "roles/resourcemanager.organizationViewer", |
| # "members": [ |
| # "user:eve@example.com" |
| # ], |
| # "condition": { |
| # "title": "expirable access", |
| # "description": "Does not grant access after Sep 2020", |
| # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", |
| # } |
| # } |
| # ], |
| # "etag": "BwWWja0YfJA=", |
| # "version": 3 |
| # } |
| # |
| # **YAML example:** |
| # |
| # bindings: |
| # - members: |
| # - user:mike@example.com |
| # - group:admins@example.com |
| # - domain:google.com |
| # - serviceAccount:my-project-id@appspot.gserviceaccount.com |
| # role: roles/resourcemanager.organizationAdmin |
| # - members: |
| # - user:eve@example.com |
| # role: roles/resourcemanager.organizationViewer |
| # condition: |
| # title: expirable access |
| # description: Does not grant access after Sep 2020 |
| # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') |
| # - etag: BwWWja0YfJA= |
| # - version: 3 |
| # |
| # For a description of IAM and its features, see the |
| # [IAM documentation](https://cloud.google.com/iam/docs/). |
| "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. |
| { # Specifies the audit configuration for a service. |
| # The configuration determines which permission types are logged, and what |
| # identities, if any, are exempted from logging. |
| # An AuditConfig must have one or more AuditLogConfigs. |
| # |
| # If there are AuditConfigs for both `allServices` and a specific service, |
| # the union of the two AuditConfigs is used for that service: the log_types |
| # specified in each AuditConfig are enabled, and the exempted_members in each |
| # AuditLogConfig are exempted. |
| # |
| # Example Policy with multiple AuditConfigs: |
| # |
| # { |
| # "audit_configs": [ |
| # { |
| # "service": "allServices", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:jose@example.com" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # }, |
| # { |
| # "log_type": "ADMIN_READ" |
| # } |
| # ] |
| # }, |
| # { |
| # "service": "sampleservice.googleapis.com", |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ" |
| # }, |
| # { |
| # "log_type": "DATA_WRITE", |
| # "exempted_members": [ |
| # "user:aliya@example.com" |
| # ] |
| # } |
| # ] |
| # } |
| # ] |
| # } |
| # |
| # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ |
| # logging. It also exempts jose@example.com from DATA_READ logging, and |
| # aliya@example.com from DATA_WRITE logging. |
| "service": "A String", # Specifies a service that will be enabled for audit logging. |
| # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. |
| # `allServices` is a special value that covers all services. |
| "auditLogConfigs": [ # The configuration for logging of each type of permission. |
| { # Provides the configuration for logging a type of permissions. |
| # Example: |
| # |
| # { |
| # "audit_log_configs": [ |
| # { |
| # "log_type": "DATA_READ", |
| # "exempted_members": [ |
| # "user:jose@example.com" |
| # ] |
| # }, |
| # { |
| # "log_type": "DATA_WRITE" |
| # } |
| # ] |
| # } |
| # |
| # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting |
| # jose@example.com from DATA_READ logging. |
| "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of |
| # permission. |
| # Follows the same format of Binding.members. |
| "A String", |
| ], |
| "logType": "A String", # The log type that this config enables. |
| }, |
| ], |
| }, |
| ], |
| "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help |
| # prevent simultaneous updates of a policy from overwriting each other. |
| # It is strongly suggested that systems make use of the `etag` in the |
| # read-modify-write cycle to perform policy updates in order to avoid race |
| # conditions: An `etag` is returned in the response to `getIamPolicy`, and |
| # systems are expected to put that etag in the request to `setIamPolicy` to |
| # ensure that their change will be applied to the same version of the policy. |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a |
| # `condition` that determines how and when the `bindings` are applied. Each |
| # of the `bindings` must contain at least one member. |
| { # Associates `members` with a `role`. |
| "condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding. |
| # |
| # If the condition evaluates to `true`, then this binding applies to the |
| # current request. |
| # |
| # If the condition evaluates to `false`, then this binding does not apply to |
| # the current request. However, a different role binding might grant the same |
| # role to one or more of the members in this binding. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM |
| # documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| # are documented at https://github.com/google/cel-spec. |
| # |
| # Example (Comparison): |
| # |
| # title: "Summary size limit" |
| # description: "Determines if a summary is less than 100 chars" |
| # expression: "document.summary.size() < 100" |
| # |
| # Example (Equality): |
| # |
| # title: "Requestor is owner" |
| # description: "Determines if requestor is the document owner" |
| # expression: "document.owner == request.auth.claims.email" |
| # |
| # Example (Logic): |
| # |
| # title: "Public documents" |
| # description: "Determine whether the document should be publicly visible" |
| # expression: "document.type != 'private' && document.type != 'internal'" |
| # |
| # Example (Data Manipulation): |
| # |
| # title: "Notification string" |
| # description: "Create a notification string with a timestamp." |
| # expression: "'New message received at ' + string(document.create_time)" |
| # |
| # The exact variables and functions that may be referenced within an expression |
| # are determined by the service that evaluates it. See the service |
| # documentation for additional information. |
| "description": "A String", # Optional. Description of the expression. This is a longer text which |
| # describes the expression, e.g. when hovered over it in a UI. |
| "location": "A String", # Optional. String indicating the location of the expression for error |
| # reporting, e.g. a file name and a position in the file. |
| "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| # its purpose. This can be used e.g. in UIs which allow to enter the |
| # expression. |
| "expression": "A String", # Textual representation of an expression in Common Expression Language |
| # syntax. |
| }, |
| "role": "A String", # Role that is assigned to `members`. |
| # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. |
| "members": [ # Specifies the identities requesting access for a Cloud Platform resource. |
| # `members` can have the following values: |
| # |
| # * `allUsers`: A special identifier that represents anyone who is |
| # on the internet; with or without a Google account. |
| # |
| # * `allAuthenticatedUsers`: A special identifier that represents anyone |
| # who is authenticated with a Google account or a service account. |
| # |
| # * `user:{emailid}`: An email address that represents a specific Google |
| # account. For example, `alice@example.com` . |
| # |
| # |
| # * `serviceAccount:{emailid}`: An email address that represents a service |
| # account. For example, `my-other-app@appspot.gserviceaccount.com`. |
| # |
| # * `group:{emailid}`: An email address that represents a Google group. |
| # For example, `admins@example.com`. |
| # |
| # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a user that has been recently deleted. For |
| # example, `alice@example.com?uid=123456789012345678901`. If the user is |
| # recovered, this value reverts to `user:{emailid}` and the recovered user |
| # retains the role in the binding. |
| # |
| # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| # unique identifier) representing a service account that has been recently |
| # deleted. For example, |
| # `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. |
| # If the service account is undeleted, this value reverts to |
| # `serviceAccount:{emailid}` and the undeleted service account retains the |
| # role in the binding. |
| # |
| # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique |
| # identifier) representing a Google group that has been recently |
| # deleted. For example, `admins@example.com?uid=123456789012345678901`. If |
| # the group is recovered, this value reverts to `group:{emailid}` and the |
| # recovered group retains the role in the binding. |
| # |
| # |
| # * `domain:{domain}`: The G Suite domain (primary) that represents all the |
| # users of that domain. For example, `google.com` or `example.com`. |
| # |
| "A String", |
| ], |
| }, |
| ], |
| "version": 42, # Specifies the format of the policy. |
| # |
| # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value |
| # are rejected. |
| # |
| # Any operation that affects conditional role bindings must specify version |
| # `3`. This requirement applies to the following operations: |
| # |
| # * Getting a policy that includes a conditional role binding |
| # * Adding a conditional role binding to a policy |
| # * Changing a conditional role binding in a policy |
| # * Removing any role binding, with or without a condition, from a policy |
| # that includes conditions |
| # |
| # **Important:** If you use IAM Conditions, you must include the `etag` field |
| # whenever you call `setIamPolicy`. If you omit this field, then IAM allows |
| # you to overwrite a version `3` policy with a version `1` policy, and all of |
| # the conditions in the version `3` policy are lost. |
| # |
| # If a policy does not include any conditions, operations on that policy may |
| # specify any valid version or leave the field unset. |
| # |
| # To learn which resources support conditions in their IAM policies, see the |
| # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</code> |
| <pre>Tests the specified permissions against the IAM access control policy |
| for a function. |
| If the function does not exist, this will return an empty set of |
| permissions, not a NOT_FOUND error. |
| |
| Args: |
| resource: string, REQUIRED: The resource for which the policy detail is being requested. |
| See the operation documentation for the appropriate value for this field. (required) |
| body: object, The request body. |
| The object takes the form of: |
| |
| { # Request message for `TestIamPermissions` method. |
| "permissions": [ # The set of permissions to check for the `resource`. Permissions with |
| # wildcards (such as '*' or 'storage.*') are not allowed. For more |
| # information see |
| # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). |
| "A String", |
| ], |
| } |
| |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Response message for `TestIamPermissions` method. |
| "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is |
| # allowed. |
| "A String", |
| ], |
| }</pre> |
| </div> |
| |
| </body></html> |