From 4c34eb6aaedb973ad01e677f30ccf688ba2d132f Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 17 Aug 2022 16:53:57 +0200 Subject: [PATCH 1/3] chore(deps): update dependency google-api-python-client to v2.57.0 (#1875) --- samples/compute/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/compute/requirements.txt b/samples/compute/requirements.txt index 773c3e1e6c8..e018afc8b86 100644 --- a/samples/compute/requirements.txt +++ b/samples/compute/requirements.txt @@ -1,3 +1,3 @@ -google-api-python-client==2.56.0 +google-api-python-client==2.57.0 google-auth==2.10.0 google-auth-httplib2==0.1.0 From 5471a4104c1642e6167180d0fbe0425cf93406b7 Mon Sep 17 00:00:00 2001 From: yoshi-code-bot <70984784+yoshi-code-bot@users.noreply.github.com> Date: Tue, 23 Aug 2022 00:22:16 -0700 Subject: [PATCH 2/3] chore: Update discovery artifacts (#1879) ## Deleted keys were detected in the following stable discovery artifacts: chromepolicy v1 https://github.com/googleapis/google-api-python-client/commit/dbd092e7fa9a3189b125a32c71d27e499ec005f8 cloudsearch v1 https://github.com/googleapis/google-api-python-client/commit/90f98d13d11db9a6e690df9c0310eb5094479e41 documentai v1 https://github.com/googleapis/google-api-python-client/commit/072238b5d7586871069b7cf99f552a238e92d014 tagmanager v2 https://github.com/googleapis/google-api-python-client/commit/27df08b5315c7cc38877aa898cb5fd3bd468fff1 ## Deleted keys were detected in the following pre-stable discovery artifacts: documentai v1beta2 https://github.com/googleapis/google-api-python-client/commit/072238b5d7586871069b7cf99f552a238e92d014 documentai v1beta3 https://github.com/googleapis/google-api-python-client/commit/072238b5d7586871069b7cf99f552a238e92d014 firebase v1beta1 https://github.com/googleapis/google-api-python-client/commit/ca27b614293c77f6901578ccc4cf8646b4d514c4 gkehub v1alpha https://github.com/googleapis/google-api-python-client/commit/82e05896571a953faf24453b236ee6b49455bd43 networkmanagement v1beta1 https://github.com/googleapis/google-api-python-client/commit/425521b94a49febd11ba9375c538f14c62537faa ## Discovery Artifact Change Summary: feat(adsense): update the api https://github.com/googleapis/google-api-python-client/commit/c4fe80ae2f6433bffee06c09f233ca46d54ae986 feat(apigee): update the api https://github.com/googleapis/google-api-python-client/commit/783a01cb3ee2785ffb6b3e598b1bddb21706c894 feat(chromepolicy): update the api https://github.com/googleapis/google-api-python-client/commit/dbd092e7fa9a3189b125a32c71d27e499ec005f8 feat(cloudsearch): update the api https://github.com/googleapis/google-api-python-client/commit/90f98d13d11db9a6e690df9c0310eb5094479e41 feat(compute): update the api https://github.com/googleapis/google-api-python-client/commit/187e71fdfe58d3b2833fc34a82b7eff2f4e4d467 feat(dataflow): update the api https://github.com/googleapis/google-api-python-client/commit/67081e018d953f95e81456ca5ab5dca4e3bdc42c feat(dataproc): update the api https://github.com/googleapis/google-api-python-client/commit/f9b16e5ac6b1de335f5408c74c97901c2b40e889 fix(dfareporting): update the api https://github.com/googleapis/google-api-python-client/commit/802b87692eb73c5df5df39b91c6b50d8ef94b7d5 feat(dlp): update the api https://github.com/googleapis/google-api-python-client/commit/d41a45060ba0f8e24ab25513c3ffcd84061013b6 feat(documentai): update the api https://github.com/googleapis/google-api-python-client/commit/072238b5d7586871069b7cf99f552a238e92d014 feat(drive): update the api https://github.com/googleapis/google-api-python-client/commit/380907f0e9d2c11eae684876fff6336eb0755c8d feat(firebase): update the api https://github.com/googleapis/google-api-python-client/commit/ca27b614293c77f6901578ccc4cf8646b4d514c4 feat(gkehub): update the api https://github.com/googleapis/google-api-python-client/commit/82e05896571a953faf24453b236ee6b49455bd43 feat(managedidentities): update the api https://github.com/googleapis/google-api-python-client/commit/3e8252b8ad09c893153e7b91d0f5564597fbfd90 feat(networkmanagement): update the api https://github.com/googleapis/google-api-python-client/commit/425521b94a49febd11ba9375c538f14c62537faa feat(orgpolicy): update the api https://github.com/googleapis/google-api-python-client/commit/c318440453b64108aca52b296b42c1dda04475e1 feat(playintegrity): update the api https://github.com/googleapis/google-api-python-client/commit/28a7dc83daaa8ce99bbf1d622c898826ee744a04 feat(retail): update the api https://github.com/googleapis/google-api-python-client/commit/e326c357d61376c64aee08d0630ed9b9f5bb61a1 feat(secretmanager): update the api https://github.com/googleapis/google-api-python-client/commit/956320a450d5b112b3c275fa8886f80f1e509631 feat(serviceconsumermanagement): update the api https://github.com/googleapis/google-api-python-client/commit/de8b5b13744fcf98c647fb5664a4e88fffca07f6 feat(servicemanagement): update the api https://github.com/googleapis/google-api-python-client/commit/dc2597a7d89b3f744b5c1b4476ffeafe960951bf feat(servicenetworking): update the api https://github.com/googleapis/google-api-python-client/commit/104f2af0cc2d36d43da57c7545f3fcc8c7f1cb3d feat(serviceusage): update the api https://github.com/googleapis/google-api-python-client/commit/903bea9ded70c8977785086cced79faf438c275c feat(tagmanager): update the api https://github.com/googleapis/google-api-python-client/commit/27df08b5315c7cc38877aa898cb5fd3bd468fff1 feat(transcoder): update the api https://github.com/googleapis/google-api-python-client/commit/7bd32cedfbe5fd31360cfd4363e54d278946eacb --- .../admin_directory_v1.chromeosdevices.html | 4 +- ...v1.customer.devices.chromeos.commands.html | 6 +- ...irectory_v1.customer.devices.chromeos.html | 4 +- docs/dyn/admin_directory_v1.members.html | 4 +- docs/dyn/adsense_v2.accounts.html | 23 + ...icsadmin_v1alpha.properties.audiences.html | 8 +- ...ay_v1.projects.locations.apis.configs.html | 6 +- ...apigateway_v1.projects.locations.apis.html | 6 +- ...ateway_v1.projects.locations.gateways.html | 6 +- ...1beta.projects.locations.apis.configs.html | 6 +- ...ateway_v1beta.projects.locations.apis.html | 6 +- ...ay_v1beta.projects.locations.gateways.html | 6 +- .../apigee_v1.organizations.apiproducts.html | 7 + ..._v1.organizations.endpointAttachments.html | 3 + .../appengine_v1.apps.services.versions.html | 8 +- ...ryauthorization_v1.projects.attestors.html | 6 +- ...inaryauthorization_v1.projects.policy.html | 6 +- ...horization_v1beta1.projects.attestors.html | 6 +- ...authorization_v1beta1.projects.policy.html | 6 +- ...romepolicy_v1.customers.policySchemas.html | 26 +- docs/dyn/cloudbilling_v1.billingAccounts.html | 6 +- ....projects.locations.deliveryPipelines.html | 6 +- ...s.deliveryPipelines.releases.rollouts.html | 12 +- ...ddeploy_v1.projects.locations.targets.html | 6 +- docs/dyn/compute_beta.backendBuckets.html | 8 +- docs/dyn/compute_beta.backendServices.html | 8 +- docs/dyn/compute_beta.disks.html | 8 +- docs/dyn/compute_beta.firewallPolicies.html | 8 +- ...pute_beta.globalNetworkEndpointGroups.html | 15 + docs/dyn/compute_beta.images.html | 8 +- docs/dyn/compute_beta.instanceTemplates.html | 8 +- docs/dyn/compute_beta.instances.html | 42 +- docs/dyn/compute_beta.licenses.html | 8 +- docs/dyn/compute_beta.machineImages.html | 8 +- .../compute_beta.networkEndpointGroups.html | 20 + .../compute_beta.networkFirewallPolicies.html | 8 +- docs/dyn/compute_beta.networks.html | 34 + docs/dyn/compute_beta.nodeGroups.html | 8 +- docs/dyn/compute_beta.nodeTemplates.html | 8 +- ...ute_beta.organizationSecurityPolicies.html | 238 ++ .../compute_beta.regionBackendServices.html | 8 +- docs/dyn/compute_beta.regionCommitments.html | 18 + docs/dyn/compute_beta.regionDisks.html | 8 +- ...pute_beta.regionNetworkEndpointGroups.html | 15 + ...te_beta.regionNetworkFirewallPolicies.html | 8 +- .../compute_beta.regionSecurityPolicies.html | 136 + docs/dyn/compute_beta.reservations.html | 23 +- docs/dyn/compute_beta.resourcePolicies.html | 8 +- docs/dyn/compute_beta.securityPolicies.html | 272 ++ docs/dyn/compute_beta.serviceAttachments.html | 8 +- docs/dyn/compute_beta.snapshots.html | 8 +- docs/dyn/compute_beta.subnetworks.html | 8 +- docs/dyn/content_v2_1.accounts.html | 16 +- ...v1b3.projects.locations.flexTemplates.html | 2 + ...x_v1.projects.locations.lakes.content.html | 6 +- ...projects.locations.lakes.contentitems.html | 6 +- ...projects.locations.lakes.environments.html | 6 +- .../dataplex_v1.projects.locations.lakes.html | 6 +- ...lex_v1.projects.locations.lakes.tasks.html | 6 +- ...projects.locations.lakes.zones.assets.html | 6 +- ...lex_v1.projects.locations.lakes.zones.html | 6 +- ...ataproc_v1.projects.locations.batches.html | 3 + docs/dyn/datastore_v1beta3.projects.html | 286 +- ...yvideo_v1.advertisers.insertionOrders.html | 2 +- ...displayvideo_v1.advertisers.lineItems.html | 2 +- ...rgetingTypes.assignedTargetingOptions.html | 4 +- ..._v2.organizations.deidentifyTemplates.html | 138 + ...zations.locations.deidentifyTemplates.html | 138 + ...lp_v2.organizations.locations.dlpJobs.html | 12 +- ...2.organizations.locations.jobTriggers.html | 36 +- ...ganizations.locations.storedInfoTypes.html | 2 +- .../dlp_v2.organizations.storedInfoTypes.html | 2 +- docs/dyn/dlp_v2.projects.content.html | 46 + .../dlp_v2.projects.deidentifyTemplates.html | 138 + docs/dyn/dlp_v2.projects.dlpJobs.html | 48 +- docs/dyn/dlp_v2.projects.jobTriggers.html | 48 +- .../dlp_v2.projects.locations.content.html | 46 + ...rojects.locations.deidentifyTemplates.html | 138 + .../dlp_v2.projects.locations.dlpJobs.html | 48 +- ...dlp_v2.projects.locations.jobTriggers.html | 48 +- ...v2.projects.locations.storedInfoTypes.html | 2 +- docs/dyn/dlp_v2.projects.storedInfoTypes.html | 2 +- ...ntai_v1.projects.locations.processors.html | 2 - ...ocations.processors.humanReviewConfig.html | 3 +- ...ocations.processors.processorVersions.html | 2 - ...documentai_v1beta2.projects.documents.html | 1 - ..._v1beta2.projects.locations.documents.html | 1 - ...v1beta3.projects.locations.processors.html | 3 - ...ocations.processors.humanReviewConfig.html | 4 +- ...ocations.processors.processorVersions.html | 3 - docs/dyn/drive_v2.changes.html | 4 + docs/dyn/drive_v2.files.html | 26 + docs/dyn/drive_v3.changes.html | 2 + docs/dyn/drive_v3.files.html | 16 + ...projects.locations.channelConnections.html | 6 +- ...entarc_v1.projects.locations.channels.html | 6 +- ...entarc_v1.projects.locations.triggers.html | 6 +- ...c_v1beta1.projects.locations.triggers.html | 6 +- ...firebase_v1beta1.projects.androidApps.html | 76 +- docs/dyn/firebase_v1beta1.projects.html | 5 +- .../firebase_v1beta1.projects.iosApps.html | 46 + .../firebase_v1beta1.projects.webApps.html | 46 + ...rojects.locations.backupPlans.backups.html | 6 +- ...ons.backupPlans.backups.volumeBackups.html | 6 +- ...kup_v1.projects.locations.backupPlans.html | 6 +- ...up_v1.projects.locations.restorePlans.html | 6 +- ...jects.locations.restorePlans.restores.html | 6 +- ....restorePlans.restores.volumeRestores.html | 6 +- ...b_v1alpha.projects.locations.features.html | 80 - ...ects.locations.datasets.consentStores.html | 6 +- ...ojects.locations.datasets.dicomStores.html | 6 +- ...ts.locations.datasets.fhirStores.fhir.html | 4 +- ...rojects.locations.datasets.fhirStores.html | 6 +- ...ojects.locations.datasets.hl7V2Stores.html | 6 +- ...thcare_v1.projects.locations.datasets.html | 6 +- ...s.locations.datasets.annotationStores.html | 6 +- ...ects.locations.datasets.consentStores.html | 6 +- ...ojects.locations.datasets.dicomStores.html | 6 +- ...ts.locations.datasets.fhirStores.fhir.html | 4 +- ...rojects.locations.datasets.fhirStores.html | 6 +- ...ojects.locations.datasets.hl7V2Stores.html | 6 +- ...e_v1beta1.projects.locations.datasets.html | 6 +- docs/dyn/identitytoolkit_v1.accounts.html | 931 +++++ docs/dyn/identitytoolkit_v1.html | 121 + .../identitytoolkit_v1.projects.accounts.html | 701 ++++ docs/dyn/identitytoolkit_v1.projects.html | 218 + ...ytoolkit_v1.projects.tenants.accounts.html | 708 ++++ .../identitytoolkit_v1.projects.tenants.html | 123 + docs/dyn/identitytoolkit_v1.v1.html | 269 ++ docs/dyn/identitytoolkit_v2.accounts.html | 96 + ...titytoolkit_v2.accounts.mfaEnrollment.html | 200 + ...identitytoolkit_v2.accounts.mfaSignIn.html | 169 + ...entitytoolkit_v2.defaultSupportedIdps.html | 132 + docs/dyn/identitytoolkit_v2.html | 121 + ...2.projects.defaultSupportedIdpConfigs.html | 313 ++ docs/dyn/identitytoolkit_v2.projects.html | 590 +++ ...oolkit_v2.projects.inboundSamlConfigs.html | 367 ++ ...tytoolkit_v2.projects.oauthIdpConfigs.html | 295 ++ ...ts.tenants.defaultSupportedIdpConfigs.html | 313 ++ .../identitytoolkit_v2.projects.tenants.html | 615 +++ ...2.projects.tenants.inboundSamlConfigs.html | 367 ++ ...t_v2.projects.tenants.oauthIdpConfigs.html | 295 ++ .../ids_v1.projects.locations.endpoints.html | 6 +- docs/dyn/index.md | 6 +- ...cts.locations.global_.domains.backups.html | 6 +- ...v1.projects.locations.global_.domains.html | 53 +- ...1.projects.locations.global_.peerings.html | 6 +- ...cts.locations.global_.domains.backups.html | 6 +- ...a1.projects.locations.global_.domains.html | 6 +- ...1.projects.locations.global_.peerings.html | 6 +- ...cts.locations.global_.domains.backups.html | 6 +- ...a1.projects.locations.global_.domains.html | 6 +- ...1.projects.locations.global_.peerings.html | 6 +- docs/dyn/ml_v1.projects.jobs.html | 6 +- docs/dyn/ml_v1.projects.models.html | 6 +- ...ssverifications_v1.verificationTokens.html | 2 +- ...s.locations.global_.connectivityTests.html | 86 +- ...s.locations.global_.connectivityTests.html | 42 +- ...1.projects.locations.edgeCacheKeysets.html | 6 +- ...1.projects.locations.edgeCacheOrigins.html | 6 +- ....projects.locations.edgeCacheServices.html | 6 +- ...1.projects.locations.endpointPolicies.html | 6 +- ...rvices_v1.projects.locations.gateways.html | 6 +- ...services_v1.projects.locations.meshes.html | 6 +- ...v1.projects.locations.serviceBindings.html | 6 +- ...1.projects.locations.endpointPolicies.html | 6 +- ...s_v1beta1.projects.locations.gateways.html | 6 +- ...ces_v1beta1.projects.locations.meshes.html | 6 +- ...a1.projects.locations.serviceBindings.html | 6 +- ...cy_v2.organizations.customConstraints.html | 158 + docs/dyn/orgpolicy_v2.organizations.html | 5 + docs/dyn/playintegrity_v1.v1.html | 3 + ...s.locations.catalogs.attributesConfig.html | 48 + ....locations.catalogs.branches.products.html | 382 +- ...cts.locations.catalogs.completionData.html | 6 +- ....projects.locations.catalogs.controls.html | 686 ++++ ...retail_v2.projects.locations.catalogs.html | 11 +- ...rojects.locations.catalogs.placements.html | 98 +- ...cts.locations.catalogs.servingConfigs.html | 641 ++- ...rojects.locations.catalogs.userEvents.html | 154 +- ....projects.locations.catalogs.branches.html | 5 + ...ts.locations.catalogs.branches.places.html | 91 + ...s.catalogs.branches.places.operations.html | 124 + ....locations.catalogs.branches.products.html | 384 +- ...cts.locations.catalogs.completionData.html | 6 +- ....projects.locations.catalogs.controls.html | 100 +- ...l_v2alpha.projects.locations.catalogs.html | 6 +- ...ha.projects.locations.catalogs.models.html | 190 +- ...rojects.locations.catalogs.placements.html | 98 +- ...cts.locations.catalogs.servingConfigs.html | 220 +- ...rojects.locations.catalogs.userEvents.html | 154 +- ....locations.catalogs.branches.products.html | 382 +- ...cts.locations.catalogs.completionData.html | 6 +- ....projects.locations.catalogs.controls.html | 100 +- ...il_v2beta.projects.locations.catalogs.html | 11 +- ...ta.projects.locations.catalogs.models.html | 443 ++ ...rojects.locations.catalogs.placements.html | 98 +- ...cts.locations.catalogs.servingConfigs.html | 220 +- ...rojects.locations.catalogs.userEvents.html | 154 +- .../dyn/run_v1.namespaces.configurations.html | 666 +-- .../dyn/run_v1.namespaces.domainmappings.html | 268 +- docs/dyn/run_v1.namespaces.executions.html | 952 ++--- docs/dyn/run_v1.namespaces.jobs.html | 2322 +++++------ docs/dyn/run_v1.namespaces.revisions.html | 596 +-- docs/dyn/run_v1.namespaces.routes.html | 128 +- docs/dyn/run_v1.namespaces.services.html | 2184 +++++----- docs/dyn/run_v1.namespaces.tasks.html | 588 +-- ..._v1.projects.locations.configurations.html | 666 +-- ..._v1.projects.locations.domainmappings.html | 268 +- .../run_v1.projects.locations.revisions.html | 596 +-- .../dyn/run_v1.projects.locations.routes.html | 128 +- .../run_v1.projects.locations.services.html | 2188 +++++----- .../secretmanager_v1.projects.secrets.html | 24 +- ...ecretmanager_v1beta1.projects.secrets.html | 6 +- ...servicemanagement_v1.services.configs.html | 4 + docs/dyn/servicemanagement_v1.services.html | 1 + docs/dyn/serviceusage_v1.services.html | 3 + docs/dyn/serviceusage_v1beta1.services.html | 2 + docs/dyn/slides_v1.presentations.html | 1093 +---- docs/dyn/slides_v1.presentations.pages.html | 7 +- ...projects.instances.databases.sessions.html | 71 +- ...nager_v2.accounts.containers.versions.html | 91 - ...ger_v2.accounts.containers.workspaces.html | 26 - ....accounts.containers.workspaces.zones.html | 91 - ...er_v1.projects.locations.jobTemplates.html | 52 + ...transcoder_v1.projects.locations.jobs.html | 52 + .../acceleratedmobilepageurl.v1.json | 2 +- .../documents/accessapproval.v1.json | 2 +- .../documents/accesscontextmanager.v1.json | 2 +- .../accesscontextmanager.v1beta.json | 2 +- .../documents/adexchangebuyer2.v2beta1.json | 2 +- .../documents/admin.datatransfer_v1.json | 2 +- .../documents/admin.directory_v1.json | 17 +- .../documents/admin.reports_v1.json | 2 +- .../discovery_cache/documents/admob.v1.json | 2 +- .../documents/admob.v1beta.json | 2 +- .../discovery_cache/documents/adsense.v2.json | 42 +- .../documents/analyticsadmin.v1alpha.json | 20 +- .../documents/analyticsdata.v1beta.json | 2 +- .../documents/analyticsreporting.v4.json | 2 +- .../documents/androidenterprise.v1.json | 2 +- .../documents/androidmanagement.v1.json | 2 +- .../documents/androidpublisher.v3.json | 2 +- .../documents/apigateway.v1.json | 4 +- .../documents/apigateway.v1beta.json | 4 +- .../discovery_cache/documents/apigee.v1.json | 41 +- .../discovery_cache/documents/apikeys.v2.json | 2 +- .../documents/appengine.v1.json | 6 +- .../documents/appengine.v1alpha.json | 2 +- .../documents/appengine.v1beta.json | 2 +- .../documents/area120tables.v1alpha1.json | 2 +- .../documents/artifactregistry.v1.json | 2 +- .../documents/artifactregistry.v1beta1.json | 2 +- .../documents/artifactregistry.v1beta2.json | 2 +- .../authorizedbuyersmarketplace.v1.json | 2 +- .../documents/beyondcorp.v1.json | 2 +- .../documents/beyondcorp.v1alpha.json | 2 +- .../documents/bigquery.v2.json | 2 +- .../documents/bigqueryconnection.v1beta1.json | 2 +- .../documents/bigquerydatatransfer.v1.json | 2 +- .../documents/billingbudgets.v1.json | 2 +- .../documents/billingbudgets.v1beta1.json | 2 +- .../documents/binaryauthorization.v1.json | 4 +- .../binaryauthorization.v1beta1.json | 4 +- .../discovery_cache/documents/blogger.v2.json | 2 +- .../discovery_cache/documents/blogger.v3.json | 2 +- .../discovery_cache/documents/books.v1.json | 2 +- .../businessprofileperformance.v1.json | 2 +- .../documents/calendar.v3.json | 2 +- .../discovery_cache/documents/chat.v1.json | 2 +- .../documents/chromemanagement.v1.json | 2 +- .../documents/chromepolicy.v1.json | 12 +- .../documents/chromeuxreport.v1.json | 2 +- .../documents/classroom.v1.json | 2 +- .../documents/cloudasset.v1.json | 2 +- .../documents/cloudasset.v1beta1.json | 2 +- .../documents/cloudasset.v1p1beta1.json | 2 +- .../documents/cloudasset.v1p5beta1.json | 2 +- .../documents/cloudasset.v1p7beta1.json | 2 +- .../documents/cloudbilling.v1.json | 4 +- .../documents/cloudbuild.v1.json | 2 +- .../documents/cloudbuild.v1alpha1.json | 2 +- .../documents/cloudbuild.v1alpha2.json | 2 +- .../documents/cloudbuild.v1beta1.json | 2 +- .../documents/cloudchannel.v1.json | 2 +- .../documents/clouddebugger.v2.json | 2 +- .../documents/clouddeploy.v1.json | 8 +- .../clouderrorreporting.v1beta1.json | 2 +- .../documents/cloudfunctions.v1.json | 2 +- .../documents/cloudfunctions.v2.json | 2 +- .../documents/cloudfunctions.v2alpha.json | 2 +- .../documents/cloudfunctions.v2beta.json | 2 +- .../documents/cloudidentity.v1.json | 2 +- .../documents/cloudidentity.v1beta1.json | 2 +- .../documents/cloudprofiler.v2.json | 2 +- .../documents/cloudresourcemanager.v1.json | 2 +- .../cloudresourcemanager.v1beta1.json | 2 +- .../documents/cloudresourcemanager.v2.json | 2 +- .../cloudresourcemanager.v2beta1.json | 2 +- .../documents/cloudresourcemanager.v3.json | 2 +- .../documents/cloudsearch.v1.json | 13 +- .../documents/cloudtasks.v2.json | 2 +- .../documents/cloudtasks.v2beta2.json | 2 +- .../documents/cloudtasks.v2beta3.json | 2 +- .../documents/cloudtrace.v1.json | 2 +- .../documents/cloudtrace.v2.json | 2 +- .../documents/cloudtrace.v2beta1.json | 2 +- .../documents/composer.v1.json | 2 +- .../documents/composer.v1beta1.json | 2 +- .../documents/compute.beta.json | 140 +- .../documents/contactcenterinsights.v1.json | 2 +- .../documents/containeranalysis.v1.json | 2 +- .../documents/containeranalysis.v1alpha1.json | 2 +- .../documents/containeranalysis.v1beta1.json | 2 +- .../documents/content.v2.1.json | 4 +- .../documents/customsearch.v1.json | 2 +- .../documents/dataflow.v1b3.json | 6 +- .../documents/datapipelines.v1.json | 2 +- .../documents/dataplex.v1.json | 4 +- .../documents/dataproc.v1.json | 7 +- .../documents/datastream.v1.json | 2 +- .../documents/datastream.v1alpha1.json | 2 +- .../documents/dfareporting.v3.5.json | 824 ++-- .../documents/dfareporting.v4.json | 852 ++-- .../documents/dialogflow.v2.json | 2 +- .../documents/dialogflow.v2beta1.json | 2 +- .../documents/dialogflow.v3.json | 2 +- .../documents/dialogflow.v3beta1.json | 2 +- .../documents/digitalassetlinks.v1.json | 2 +- .../documents/displayvideo.v1.json | 108 +- .../discovery_cache/documents/dlp.v2.json | 254 +- .../discovery_cache/documents/dns.v1.json | 2 +- .../documents/dns.v1beta2.json | 2 +- .../discovery_cache/documents/docs.v1.json | 2 +- .../documents/documentai.v1.json | 113 +- .../documents/documentai.v1beta2.json | 107 +- .../documents/documentai.v1beta3.json | 113 +- .../documents/domainsrdap.v1.json | 2 +- .../documents/doubleclickbidmanager.v1.1.json | 2 +- .../documents/doubleclickbidmanager.v2.json | 2 +- .../documents/doubleclicksearch.v2.json | 2 +- .../discovery_cache/documents/drive.v2.json | 12 +- .../discovery_cache/documents/drive.v3.json | 12 +- .../documents/driveactivity.v2.json | 2 +- .../documents/drivelabels.v2.json | 2 +- .../documents/drivelabels.v2beta.json | 2 +- .../documents/essentialcontacts.v1.json | 2 +- .../documents/eventarc.v1.json | 4 +- .../documents/eventarc.v1beta1.json | 4 +- .../documents/factchecktools.v1alpha1.json | 2 +- .../discovery_cache/documents/fcm.v1.json | 2 +- .../documents/fcmdata.v1beta1.json | 2 +- .../documents/firebase.v1beta1.json | 147 +- .../documents/firebaseappcheck.v1.json | 2 +- .../documents/firebaseappcheck.v1beta.json | 2 +- .../documents/firebasedatabase.v1beta.json | 2 +- .../documents/firebasedynamiclinks.v1.json | 2 +- .../documents/firebasehosting.v1.json | 2 +- .../documents/firebasehosting.v1beta1.json | 2 +- .../documents/firebaseml.v1.json | 2 +- .../documents/firebaseml.v1beta2.json | 2 +- .../documents/firebaserules.v1.json | 2 +- .../documents/firebasestorage.v1beta.json | 2 +- .../discovery_cache/documents/fitness.v1.json | 2 +- .../discovery_cache/documents/forms.v1.json | 2 +- .../documents/gameservices.v1.json | 2 +- .../documents/gameservices.v1beta.json | 2 +- .../documents/genomics.v2alpha1.json | 2 +- .../documents/gkebackup.v1.json | 4 +- .../discovery_cache/documents/gkehub.v1.json | 2 +- .../documents/gkehub.v1alpha.json | 50 +- .../documents/gkehub.v1alpha2.json | 2 +- .../documents/gkehub.v1beta.json | 2 +- .../documents/gkehub.v1beta1.json | 2 +- .../documents/gkehub.v2alpha.json | 2 +- .../discovery_cache/documents/gmail.v1.json | 2 +- .../documents/gmailpostmastertools.v1.json | 2 +- .../gmailpostmastertools.v1beta1.json | 2 +- .../documents/groupsmigration.v1.json | 2 +- .../documents/healthcare.v1.json | 6 +- .../documents/healthcare.v1beta1.json | 6 +- .../documents/homegraph.v1.json | 2 +- .../documents/iamcredentials.v1.json | 2 +- .../documents/ideahub.v1alpha.json | 2 +- .../documents/ideahub.v1beta.json | 2 +- .../documents/identitytoolkit.v1.json | 3631 +++++++++++++++++ .../documents/identitytoolkit.v2.json | 3070 ++++++++++++++ .../discovery_cache/documents/ids.v1.json | 4 +- .../documents/indexing.v3.json | 2 +- .../discovery_cache/documents/jobs.v3.json | 2 +- .../documents/jobs.v3p1beta1.json | 2 +- .../discovery_cache/documents/jobs.v4.json | 2 +- .../documents/language.v1.json | 2 +- .../documents/language.v1beta1.json | 2 +- .../documents/language.v1beta2.json | 2 +- .../documents/libraryagent.v1.json | 2 +- .../documents/licensing.v1.json | 2 +- .../documents/lifesciences.v2beta.json | 2 +- .../documents/managedidentities.v1.json | 66 +- .../documents/managedidentities.v1alpha1.json | 18 +- .../documents/managedidentities.v1beta1.json | 18 +- .../documents/manufacturers.v1.json | 2 +- .../documents/metastore.v1alpha.json | 2 +- .../documents/metastore.v1beta.json | 2 +- .../discovery_cache/documents/ml.v1.json | 4 +- .../documents/monitoring.v1.json | 2 +- .../documents/monitoring.v3.json | 2 +- .../mybusinessaccountmanagement.v1.json | 2 +- .../documents/mybusinessbusinesscalls.v1.json | 2 +- .../mybusinessbusinessinformation.v1.json | 2 +- .../documents/mybusinesslodging.v1.json | 2 +- .../documents/mybusinessnotifications.v1.json | 2 +- .../documents/mybusinessplaceactions.v1.json | 2 +- .../documents/mybusinessqanda.v1.json | 2 +- .../documents/mybusinessverifications.v1.json | 4 +- .../documents/networkconnectivity.v1.json | 2 +- .../networkconnectivity.v1alpha1.json | 2 +- .../documents/networkmanagement.v1.json | 97 +- .../documents/networkmanagement.v1beta1.json | 62 +- .../documents/networkservices.v1.json | 4 +- .../documents/networkservices.v1beta1.json | 4 +- .../documents/ondemandscanning.v1.json | 2 +- .../documents/ondemandscanning.v1beta1.json | 2 +- .../documents/orgpolicy.v2.json | 229 +- .../documents/osconfig.v1.json | 2 +- .../documents/osconfig.v1alpha.json | 2 +- .../documents/osconfig.v1beta.json | 2 +- .../discovery_cache/documents/oslogin.v1.json | 2 +- .../documents/oslogin.v1alpha.json | 2 +- .../documents/oslogin.v1beta.json | 2 +- .../documents/pagespeedonline.v5.json | 2 +- .../paymentsresellersubscription.v1.json | 2 +- .../discovery_cache/documents/people.v1.json | 2 +- .../documents/playcustomapp.v1.json | 2 +- .../playdeveloperreporting.v1alpha1.json | 2 +- .../playdeveloperreporting.v1beta1.json | 2 +- .../documents/playintegrity.v1.json | 33 +- .../documents/policyanalyzer.v1.json | 2 +- .../documents/policyanalyzer.v1beta1.json | 2 +- .../documents/policysimulator.v1.json | 2 +- .../documents/policysimulator.v1beta1.json | 2 +- .../documents/policytroubleshooter.v1.json | 2 +- .../policytroubleshooter.v1beta.json | 2 +- .../documents/privateca.v1.json | 2 +- .../documents/privateca.v1beta1.json | 2 +- .../documents/prod_tt_sasportal.v1alpha1.json | 2 +- .../documents/pubsublite.v1.json | 2 +- .../documents/realtimebidding.v1.json | 2 +- .../documents/realtimebidding.v1alpha.json | 2 +- .../documents/recaptchaenterprise.v1.json | 16 +- .../recommendationengine.v1beta1.json | 2 +- .../documents/recommender.v1.json | 2 +- .../documents/recommender.v1beta1.json | 2 +- .../documents/resourcesettings.v1.json | 2 +- .../discovery_cache/documents/retail.v2.json | 1061 ++++- .../documents/retail.v2alpha.json | 270 +- .../documents/retail.v2beta.json | 611 ++- .../discovery_cache/documents/run.v1.json | 523 +-- .../discovery_cache/documents/run.v2.json | 2 +- .../documents/safebrowsing.v4.json | 2 +- .../documents/sasportal.v1alpha1.json | 2 +- .../discovery_cache/documents/script.v1.json | 2 +- .../documents/searchconsole.v1.json | 12 +- .../documents/secretmanager.v1.json | 11 +- .../documents/secretmanager.v1beta1.json | 4 +- .../serviceconsumermanagement.v1.json | 6 +- .../serviceconsumermanagement.v1beta1.json | 6 +- .../documents/servicecontrol.v1.json | 2 +- .../documents/servicecontrol.v2.json | 2 +- .../documents/servicedirectory.v1.json | 2 +- .../documents/servicedirectory.v1beta1.json | 2 +- .../documents/servicemanagement.v1.json | 6 +- .../documents/servicenetworking.v1.json | 6 +- .../documents/servicenetworking.v1beta.json | 6 +- .../documents/serviceusage.v1.json | 6 +- .../documents/serviceusage.v1beta1.json | 6 +- .../discovery_cache/documents/sheets.v4.json | 2 +- .../discovery_cache/documents/slides.v1.json | 2 +- .../documents/smartdevicemanagement.v1.json | 2 +- .../documents/sourcerepo.v1.json | 2 +- .../discovery_cache/documents/speech.v1.json | 2 +- .../documents/speech.v1p1beta1.json | 2 +- .../discovery_cache/documents/storage.v1.json | 4 +- .../documents/streetviewpublish.v1.json | 2 +- .../discovery_cache/documents/sts.v1.json | 2 +- .../discovery_cache/documents/sts.v1beta.json | 2 +- .../documents/tagmanager.v1.json | 2 +- .../documents/tagmanager.v2.json | 9 +- .../discovery_cache/documents/tasks.v1.json | 2 +- .../discovery_cache/documents/testing.v1.json | 2 +- .../documents/texttospeech.v1.json | 2 +- .../documents/texttospeech.v1beta1.json | 2 +- .../documents/toolresults.v1beta3.json | 2 +- .../documents/trafficdirector.v2.json | 2 +- .../documents/transcoder.v1.json | 63 +- .../documents/translate.v3.json | 2 +- .../documents/translate.v3beta1.json | 2 +- .../documents/versionhistory.v1.json | 2 +- .../documents/vmmigration.v1.json | 4 +- .../documents/vmmigration.v1alpha1.json | 4 +- .../documents/websecurityscanner.v1.json | 2 +- .../documents/websecurityscanner.v1alpha.json | 2 +- .../documents/websecurityscanner.v1beta.json | 2 +- .../documents/workflowexecutions.v1.json | 2 +- .../documents/workflowexecutions.v1beta.json | 2 +- .../documents/workflows.v1.json | 2 +- .../documents/workflows.v1beta.json | 2 +- .../discovery_cache/documents/youtube.v3.json | 2 +- .../documents/youtubeAnalytics.v2.json | 2 +- .../documents/youtubereporting.v1.json | 2 +- 510 files changed, 31373 insertions(+), 10058 deletions(-) create mode 100644 docs/dyn/identitytoolkit_v1.accounts.html create mode 100644 docs/dyn/identitytoolkit_v1.html create mode 100644 docs/dyn/identitytoolkit_v1.projects.accounts.html create mode 100644 docs/dyn/identitytoolkit_v1.projects.html create mode 100644 docs/dyn/identitytoolkit_v1.projects.tenants.accounts.html create mode 100644 docs/dyn/identitytoolkit_v1.projects.tenants.html create mode 100644 docs/dyn/identitytoolkit_v1.v1.html create mode 100644 docs/dyn/identitytoolkit_v2.accounts.html create mode 100644 docs/dyn/identitytoolkit_v2.accounts.mfaEnrollment.html create mode 100644 docs/dyn/identitytoolkit_v2.accounts.mfaSignIn.html create mode 100644 docs/dyn/identitytoolkit_v2.defaultSupportedIdps.html create mode 100644 docs/dyn/identitytoolkit_v2.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.defaultSupportedIdpConfigs.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.inboundSamlConfigs.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.oauthIdpConfigs.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.tenants.defaultSupportedIdpConfigs.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.tenants.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.tenants.inboundSamlConfigs.html create mode 100644 docs/dyn/identitytoolkit_v2.projects.tenants.oauthIdpConfigs.html create mode 100644 docs/dyn/retail_v2.projects.locations.catalogs.controls.html create mode 100644 docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.html create mode 100644 docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.operations.html create mode 100644 docs/dyn/retail_v2beta.projects.locations.catalogs.models.html create mode 100644 googleapiclient/discovery_cache/documents/identitytoolkit.v1.json create mode 100644 googleapiclient/discovery_cache/documents/identitytoolkit.v2.json diff --git a/docs/dyn/admin_directory_v1.chromeosdevices.html b/docs/dyn/admin_directory_v1.chromeosdevices.html index 0735f6c2a07..abc02aa0f15 100644 --- a/docs/dyn/admin_directory_v1.chromeosdevices.html +++ b/docs/dyn/admin_directory_v1.chromeosdevices.html @@ -109,7 +109,7 @@

Method Details

body: object, The request body. The object takes the form of: -{ +{ # The data regarding an action to update the status of a Chrome OS device. "action": "A String", # Action to be taken on the Chrome OS device. "deprovisionReason": "A String", # Only used when the action is `deprovision`. With the `deprovision` action, this field is required. *Note*: The deprovision reason is audited because it might have implications on licenses for perpetual subscription customers. } @@ -481,7 +481,7 @@

Method Details

Moves or inserts multiple Chrome OS devices to an organizational unit. You can move up to 50 devices at once.
 
 Args:
-  customerId: string, Immutable ID of the Google Workspace account (required)
+  customerId: string, Immutable. ID of the Google Workspace account (required)
   orgUnitPath: string, Full path of the target organizational unit or its ID (required)
   body: object, The request body.
     The object takes the form of:
diff --git a/docs/dyn/admin_directory_v1.customer.devices.chromeos.commands.html b/docs/dyn/admin_directory_v1.customer.devices.chromeos.commands.html
index 58ea1722997..7b4c5aca589 100644
--- a/docs/dyn/admin_directory_v1.customer.devices.chromeos.commands.html
+++ b/docs/dyn/admin_directory_v1.customer.devices.chromeos.commands.html
@@ -91,9 +91,9 @@ 
Method Details

   
Gets command data a specific command issued to the device.
 
 Args:
-  customerId: string, Immutable. Immutable ID of the Google Workspace account. (required)
-  deviceId: string, Immutable. Immutable ID of Chrome OS Device. (required)
-  commandId: string, Immutable. Immutable ID of Chrome OS Device Command. (required)
+  customerId: string, Immutable. ID of the Google Workspace account. (required)
+  deviceId: string, Immutable. ID of Chrome OS Device. (required)
+  commandId: string, Immutable. ID of Chrome OS Device Command. (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
diff --git a/docs/dyn/admin_directory_v1.customer.devices.chromeos.html b/docs/dyn/admin_directory_v1.customer.devices.chromeos.html
index 16f39ea647f..13fd3091c55 100644
--- a/docs/dyn/admin_directory_v1.customer.devices.chromeos.html
+++ b/docs/dyn/admin_directory_v1.customer.devices.chromeos.html
@@ -96,8 +96,8 @@ 
Method Details

   
Issues a command for the device to execute.
 
 Args:
-  customerId: string, Immutable. Immutable ID of the Google Workspace account. (required)
-  deviceId: string, Immutable. Immutable ID of Chrome OS Device. (required)
+  customerId: string, Immutable. ID of the Google Workspace account. (required)
+  deviceId: string, Immutable. ID of Chrome OS Device. (required)
   body: object, The request body.
     The object takes the form of:
 
diff --git a/docs/dyn/admin_directory_v1.members.html b/docs/dyn/admin_directory_v1.members.html
index 80985ed5b47..5709383c62e 100644
--- a/docs/dyn/admin_directory_v1.members.html
+++ b/docs/dyn/admin_directory_v1.members.html
@@ -85,7 +85,7 @@ 
Instance Methods

 
Retrieves a group member's properties.

 

   hasMember(groupKey, memberKey, x__xgafv=None)

-
Checks whether the given user is a member of the group. Membership can be direct or nested.

+
Checks whether the given user is a member of the group. Membership can be direct or nested, but if nested, the `memberKey` and `groupKey` must be entities in the same domain or an `Invalid input` error is returned. To check for nested memberships that include entities outside of the group's domain, use the [`checkTransitiveMembership()`](https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships/checkTransitiveMembership) method in the Cloud Identity Groups API.

 

   insert(groupKey, body=None, x__xgafv=None)

 
Adds a user to the specified group.

@@ -150,7 +150,7 @@ 
Method Details

 
 

     hasMember(groupKey, memberKey, x__xgafv=None)
-  
Checks whether the given user is a member of the group. Membership can be direct or nested.
+  
Checks whether the given user is a member of the group. Membership can be direct or nested, but if nested, the `memberKey` and `groupKey` must be entities in the same domain or an `Invalid input` error is returned. To check for nested memberships that include entities outside of the group's domain, use the [`checkTransitiveMembership()`](https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships/checkTransitiveMembership) method in the Cloud Identity Groups API.
 
 Args:
   groupKey: string, Identifies the group in the API request. The value can be the group's email address, group alias, or the unique group ID. (required)
diff --git a/docs/dyn/adsense_v2.accounts.html b/docs/dyn/adsense_v2.accounts.html
index 6d39c15585f..258e589003a 100644
--- a/docs/dyn/adsense_v2.accounts.html
+++ b/docs/dyn/adsense_v2.accounts.html
@@ -105,6 +105,9 @@ 
Instance Methods

 

   get(name, x__xgafv=None)

 
Gets information about the selected AdSense account.

+

+  getAdBlockingRecoveryTag(name, x__xgafv=None)

+
Gets the ad blocking recovery tag of an account.

 

   list(pageSize=None, pageToken=None, x__xgafv=None)

 
Lists all accounts available to this user.

@@ -153,6 +156,26 @@ 
Method Details

 }

 

 
+

+    getAdBlockingRecoveryTag(name, x__xgafv=None)
+  
Gets the ad blocking recovery tag of an account.
+
+Args:
+  name: string, Required. The name of the account to get the tag for. Format: accounts/{account} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Representation of an ad blocking recovery tag. See https://support.google.com/adsense/answer/11575177.
+  "errorProtectionCode": "A String", # Error protection code that can be used in conjunction with the tag. It'll display a message to users if an [ad blocking extension blocks their access to your site](https://support.google.com/adsense/answer/11575480).
+  "tag": "A String", # The ad blocking recovery tag. Note that the message generated by the tag can be blocked by an ad blocking extension. If this is not your desired outcome, then you'll need to use it in conjunction with the error protection code.
+}

+

+
 

     list(pageSize=None, pageToken=None, x__xgafv=None)
   
Lists all accounts available to this user.
diff --git a/docs/dyn/analyticsadmin_v1alpha.properties.audiences.html b/docs/dyn/analyticsadmin_v1alpha.properties.audiences.html
index e1910947ebe..4d7d036e414 100644
--- a/docs/dyn/analyticsadmin_v1alpha.properties.audiences.html
+++ b/docs/dyn/analyticsadmin_v1alpha.properties.audiences.html
@@ -85,10 +85,10 @@ 
Instance Methods

 
Creates an Audience.

 

   get(name, x__xgafv=None)

-
Lookup for a single Audience. Audiences created before 2020 may not be supported.

+
Lookup for a single Audience. Audiences created before 2020 may not be supported. Default audiences will not show filter definitions.

 

   list(parent, pageSize=None, pageToken=None, x__xgafv=None)

-
Lists Audiences on a property. Audiences created before 2020 may not be supported.

+
Lists Audiences on a property. Audiences created before 2020 may not be supported. Default audiences will not show filter definitions.

 

   list_next()

 
Retrieves the next page of results.

@@ -409,7 +409,7 @@ 
Method Details

 
 

     get(name, x__xgafv=None)
-  
Lookup for a single Audience. Audiences created before 2020 may not be supported.
+  
Lookup for a single Audience. Audiences created before 2020 may not be supported. Default audiences will not show filter definitions.
 
 Args:
   name: string, Required. The name of the Audience to get. Example format: properties/1234/audiences/5678 (required)
@@ -556,7 +556,7 @@ 
Method Details

 
 

     list(parent, pageSize=None, pageToken=None, x__xgafv=None)
-  
Lists Audiences on a property. Audiences created before 2020 may not be supported.
+  
Lists Audiences on a property. Audiences created before 2020 may not be supported. Default audiences will not show filter definitions.
 
 Args:
   parent: string, Required. Example format: properties/1234 (required)
diff --git a/docs/dyn/apigateway_v1.projects.locations.apis.configs.html b/docs/dyn/apigateway_v1.projects.locations.apis.configs.html
index b0d448e16f1..1fa6237c084 100644
--- a/docs/dyn/apigateway_v1.projects.locations.apis.configs.html
+++ b/docs/dyn/apigateway_v1.projects.locations.apis.configs.html
@@ -323,7 +323,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -528,7 +528,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -570,7 +570,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/apigateway_v1.projects.locations.apis.html b/docs/dyn/apigateway_v1.projects.locations.apis.html
index f6962ea0e0e..4028be2057f 100644
--- a/docs/dyn/apigateway_v1.projects.locations.apis.html
+++ b/docs/dyn/apigateway_v1.projects.locations.apis.html
@@ -265,7 +265,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -412,7 +412,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -454,7 +454,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/apigateway_v1.projects.locations.gateways.html b/docs/dyn/apigateway_v1.projects.locations.gateways.html
index dd519cedc15..09d0b1a4ff9 100644
--- a/docs/dyn/apigateway_v1.projects.locations.gateways.html
+++ b/docs/dyn/apigateway_v1.projects.locations.gateways.html
@@ -262,7 +262,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -411,7 +411,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -453,7 +453,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/apigateway_v1beta.projects.locations.apis.configs.html b/docs/dyn/apigateway_v1beta.projects.locations.apis.configs.html
index 0c31f1c568a..9219a089e2f 100644
--- a/docs/dyn/apigateway_v1beta.projects.locations.apis.configs.html
+++ b/docs/dyn/apigateway_v1beta.projects.locations.apis.configs.html
@@ -333,7 +333,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -548,7 +548,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -590,7 +590,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/apigateway_v1beta.projects.locations.apis.html b/docs/dyn/apigateway_v1beta.projects.locations.apis.html
index 29d1f2f9bf6..60141b54f25 100644
--- a/docs/dyn/apigateway_v1beta.projects.locations.apis.html
+++ b/docs/dyn/apigateway_v1beta.projects.locations.apis.html
@@ -265,7 +265,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -412,7 +412,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -454,7 +454,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/apigateway_v1beta.projects.locations.gateways.html b/docs/dyn/apigateway_v1beta.projects.locations.gateways.html
index 2f0f2f1626f..206cdb49ee9 100644
--- a/docs/dyn/apigateway_v1beta.projects.locations.gateways.html
+++ b/docs/dyn/apigateway_v1beta.projects.locations.gateways.html
@@ -262,7 +262,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -411,7 +411,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -453,7 +453,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/apigee_v1.organizations.apiproducts.html b/docs/dyn/apigee_v1.organizations.apiproducts.html
index a441d1abde1..7896076af4a 100644
--- a/docs/dyn/apigee_v1.organizations.apiproducts.html
+++ b/docs/dyn/apigee_v1.organizations.apiproducts.html
@@ -194,6 +194,7 @@ 
Method Details

     "A String",
   ],
   "quota": "A String", # Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.
+  "quotaCounterScope": "A String", # Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
   "quotaInterval": "A String", # Time interval over which the number of request messages is calculated.
   "quotaTimeUnit": "A String", # Time unit defined for the `quotaInterval`. Valid values include `minute`, `hour`, `day`, or `month`.
   "scopes": [ # Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
@@ -286,6 +287,7 @@ 
Method Details

     "A String",
   ],
   "quota": "A String", # Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.
+  "quotaCounterScope": "A String", # Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
   "quotaInterval": "A String", # Time interval over which the number of request messages is calculated.
   "quotaTimeUnit": "A String", # Time unit defined for the `quotaInterval`. Valid values include `minute`, `hour`, `day`, or `month`.
   "scopes": [ # Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
@@ -385,6 +387,7 @@ 
Method Details

     "A String",
   ],
   "quota": "A String", # Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.
+  "quotaCounterScope": "A String", # Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
   "quotaInterval": "A String", # Time interval over which the number of request messages is calculated.
   "quotaTimeUnit": "A String", # Time unit defined for the `quotaInterval`. Valid values include `minute`, `hour`, `day`, or `month`.
   "scopes": [ # Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
@@ -484,6 +487,7 @@ 
Method Details

     "A String",
   ],
   "quota": "A String", # Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.
+  "quotaCounterScope": "A String", # Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
   "quotaInterval": "A String", # Time interval over which the number of request messages is calculated.
   "quotaTimeUnit": "A String", # Time unit defined for the `quotaInterval`. Valid values include `minute`, `hour`, `day`, or `month`.
   "scopes": [ # Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
@@ -590,6 +594,7 @@ 
Method Details

         "A String",
       ],
       "quota": "A String", # Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.
+      "quotaCounterScope": "A String", # Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
       "quotaInterval": "A String", # Time interval over which the number of request messages is calculated.
       "quotaTimeUnit": "A String", # Time unit defined for the `quotaInterval`. Valid values include `minute`, `hour`, `day`, or `month`.
       "scopes": [ # Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
@@ -686,6 +691,7 @@ 
Method Details

     "A String",
   ],
   "quota": "A String", # Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.
+  "quotaCounterScope": "A String", # Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
   "quotaInterval": "A String", # Time interval over which the number of request messages is calculated.
   "quotaTimeUnit": "A String", # Time unit defined for the `quotaInterval`. Valid values include `minute`, `hour`, `day`, or `month`.
   "scopes": [ # Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
@@ -778,6 +784,7 @@ 
Method Details

     "A String",
   ],
   "quota": "A String", # Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.
+  "quotaCounterScope": "A String", # Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
   "quotaInterval": "A String", # Time interval over which the number of request messages is calculated.
   "quotaTimeUnit": "A String", # Time unit defined for the `quotaInterval`. Valid values include `minute`, `hour`, `day`, or `month`.
   "scopes": [ # Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
diff --git a/docs/dyn/apigee_v1.organizations.endpointAttachments.html b/docs/dyn/apigee_v1.organizations.endpointAttachments.html
index bfdd5658aae..88b95eb89ab 100644
--- a/docs/dyn/apigee_v1.organizations.endpointAttachments.html
+++ b/docs/dyn/apigee_v1.organizations.endpointAttachments.html
@@ -108,6 +108,7 @@ 
Method Details

     The object takes the form of:
 
 { # Apigee endpoint attachment. For more information, see [Southbound networking patterns] (https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints).
+  "connectionState": "A String", # Output only. State of the endpoint attachment connection to the service attachment.
   "host": "A String", # Output only. Host that can be used in either the HTTP target endpoint directly or as the host in target server.
   "location": "A String", # Required. Location of the endpoint attachment.
   "name": "A String", # Name of the endpoint attachment. Use the following structure in your request: `organizations/{org}/endpointAttachments/{endpoint_attachment}`
@@ -195,6 +196,7 @@ 
Method Details

   An object of the form:
 
     { # Apigee endpoint attachment. For more information, see [Southbound networking patterns] (https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints).
+  "connectionState": "A String", # Output only. State of the endpoint attachment connection to the service attachment.
   "host": "A String", # Output only. Host that can be used in either the HTTP target endpoint directly or as the host in target server.
   "location": "A String", # Required. Location of the endpoint attachment.
   "name": "A String", # Name of the endpoint attachment. Use the following structure in your request: `organizations/{org}/endpointAttachments/{endpoint_attachment}`
@@ -222,6 +224,7 @@ 
Method Details

     { # Response for ListEndpointAttachments method.
   "endpointAttachments": [ # Endpoint attachments in the specified organization.
     { # Apigee endpoint attachment. For more information, see [Southbound networking patterns] (https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints).
+      "connectionState": "A String", # Output only. State of the endpoint attachment connection to the service attachment.
       "host": "A String", # Output only. Host that can be used in either the HTTP target endpoint directly or as the host in target server.
       "location": "A String", # Required. Location of the endpoint attachment.
       "name": "A String", # Name of the endpoint attachment. Use the following structure in your request: `organizations/{org}/endpointAttachments/{endpoint_attachment}`
diff --git a/docs/dyn/appengine_v1.apps.services.versions.html b/docs/dyn/appengine_v1.apps.services.versions.html
index f44487f9008..d80d3a90eca 100644
--- a/docs/dyn/appengine_v1.apps.services.versions.html
+++ b/docs/dyn/appengine_v1.apps.services.versions.html
@@ -117,7 +117,7 @@ 
Method Details

     The object takes the form of:
 
 { # A Version resource is a specific set of source code and configuration files that are deployed into a service.
-  "apiConfig": { # Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/) configuration for API handlers. # Serving configuration for Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/).Only returned in GET requests if view=FULL is set.
+  "apiConfig": { # Cloud Endpoints (https://cloud.google.com/endpoints/) configuration for API handlers. # Serving configuration for Cloud Endpoints (https://cloud.google.com/endpoints/).Only returned in GET requests if view=FULL is set.
     "authFailAction": "A String", # Action to take when users access resources that require authentication. Defaults to redirect.
     "login": "A String", # Level of login required to access this resource. Defaults to optional.
     "script": "A String", # Path to the script from the application root directory.
@@ -412,7 +412,7 @@ 
Method Details

   An object of the form:
 
     { # A Version resource is a specific set of source code and configuration files that are deployed into a service.
-  "apiConfig": { # Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/) configuration for API handlers. # Serving configuration for Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/).Only returned in GET requests if view=FULL is set.
+  "apiConfig": { # Cloud Endpoints (https://cloud.google.com/endpoints/) configuration for API handlers. # Serving configuration for Cloud Endpoints (https://cloud.google.com/endpoints/).Only returned in GET requests if view=FULL is set.
     "authFailAction": "A String", # Action to take when users access resources that require authentication. Defaults to redirect.
     "login": "A String", # Level of login required to access this resource. Defaults to optional.
     "script": "A String", # Path to the script from the application root directory.
@@ -646,7 +646,7 @@ 
Method Details

   "nextPageToken": "A String", # Continuation token for fetching the next page of results.
   "versions": [ # The versions belonging to the requested service.
     { # A Version resource is a specific set of source code and configuration files that are deployed into a service.
-      "apiConfig": { # Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/) configuration for API handlers. # Serving configuration for Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/).Only returned in GET requests if view=FULL is set.
+      "apiConfig": { # Cloud Endpoints (https://cloud.google.com/endpoints/) configuration for API handlers. # Serving configuration for Cloud Endpoints (https://cloud.google.com/endpoints/).Only returned in GET requests if view=FULL is set.
         "authFailAction": "A String", # Action to take when users access resources that require authentication. Defaults to redirect.
         "login": "A String", # Level of login required to access this resource. Defaults to optional.
         "script": "A String", # Path to the script from the application root directory.
@@ -883,7 +883,7 @@ 
Method Details

     The object takes the form of:
 
 { # A Version resource is a specific set of source code and configuration files that are deployed into a service.
-  "apiConfig": { # Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/) configuration for API handlers. # Serving configuration for Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/).Only returned in GET requests if view=FULL is set.
+  "apiConfig": { # Cloud Endpoints (https://cloud.google.com/endpoints/) configuration for API handlers. # Serving configuration for Cloud Endpoints (https://cloud.google.com/endpoints/).Only returned in GET requests if view=FULL is set.
     "authFailAction": "A String", # Action to take when users access resources that require authentication. Defaults to redirect.
     "login": "A String", # Level of login required to access this resource. Defaults to optional.
     "script": "A String", # Path to the script from the application root directory.
diff --git a/docs/dyn/binaryauthorization_v1.projects.attestors.html b/docs/dyn/binaryauthorization_v1.projects.attestors.html
index 4ed91a21430..b4195129d93 100644
--- a/docs/dyn/binaryauthorization_v1.projects.attestors.html
+++ b/docs/dyn/binaryauthorization_v1.projects.attestors.html
@@ -255,7 +255,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -343,7 +343,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -371,7 +371,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/binaryauthorization_v1.projects.policy.html b/docs/dyn/binaryauthorization_v1.projects.policy.html
index bed8c95f1c7..64ffd342bda 100644
--- a/docs/dyn/binaryauthorization_v1.projects.policy.html
+++ b/docs/dyn/binaryauthorization_v1.projects.policy.html
@@ -116,7 +116,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -146,7 +146,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -174,7 +174,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/binaryauthorization_v1beta1.projects.attestors.html b/docs/dyn/binaryauthorization_v1beta1.projects.attestors.html
index cc93e4e201a..32521c88e00 100644
--- a/docs/dyn/binaryauthorization_v1beta1.projects.attestors.html
+++ b/docs/dyn/binaryauthorization_v1beta1.projects.attestors.html
@@ -255,7 +255,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -343,7 +343,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -371,7 +371,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/binaryauthorization_v1beta1.projects.policy.html b/docs/dyn/binaryauthorization_v1beta1.projects.policy.html
index 7dabc57c9d6..0020111fcab 100644
--- a/docs/dyn/binaryauthorization_v1beta1.projects.policy.html
+++ b/docs/dyn/binaryauthorization_v1beta1.projects.policy.html
@@ -116,7 +116,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -146,7 +146,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -174,7 +174,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/chromepolicy_v1.customers.policySchemas.html b/docs/dyn/chromepolicy_v1.customers.policySchemas.html
index 16e7553b33a..1de727e30ea 100644
--- a/docs/dyn/chromepolicy_v1.customers.policySchemas.html
+++ b/docs/dyn/chromepolicy_v1.customers.policySchemas.html
@@ -106,7 +106,7 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Resource representing a policy schema. Next ID: 12
+    { # Resource representing a policy schema. Next ID: 13
   "accessRestrictions": [ # Output only. Specific access restrictions related to this policy.
     "A String",
   ],
@@ -210,7 +210,16 @@ 
Method Details

       "noticeValue": "A String", # Output only. The value of the field that has a notice. When setting the field to this value, the user may be required to acknowledge the notice message in order for the value to be set.
     },
   ],
-  "policyApiLifeycle": { # Output only. Current life cycle information.
+  "policyApiLifecycle": { # Output only. Current lifecycle information.
+    "description": "A String", # Description about current life cycle.
+    "endSupport": { # Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp # End supporting date for current policy.
+      "day": 42, # Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant.
+      "month": 42, # Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day.
+      "year": 42, # Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year.
+    },
+    "policyApiLifecycleStage": "A String", # Indicate current life cycle stage of the policy API.
+  },
+  "policyApiLifeycle": { # Deprecated field because of typo.
     "description": "A String", # Description about current life cycle.
     "endSupport": { # Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp # End supporting date for current policy.
       "day": 42, # Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant.
@@ -248,7 +257,7 @@ 
Method Details

     { # Response message for listing policy schemas that match a filter.
   "nextPageToken": "A String", # The page token used to get the next page of policy schemas.
   "policySchemas": [ # The list of policy schemas that match the query.
-    { # Resource representing a policy schema. Next ID: 12
+    { # Resource representing a policy schema. Next ID: 13
       "accessRestrictions": [ # Output only. Specific access restrictions related to this policy.
         "A String",
       ],
@@ -352,7 +361,16 @@ 
Method Details

           "noticeValue": "A String", # Output only. The value of the field that has a notice. When setting the field to this value, the user may be required to acknowledge the notice message in order for the value to be set.
         },
       ],
-      "policyApiLifeycle": { # Output only. Current life cycle information.
+      "policyApiLifecycle": { # Output only. Current lifecycle information.
+        "description": "A String", # Description about current life cycle.
+        "endSupport": { # Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp # End supporting date for current policy.
+          "day": 42, # Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant.
+          "month": 42, # Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day.
+          "year": 42, # Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year.
+        },
+        "policyApiLifecycleStage": "A String", # Indicate current life cycle stage of the policy API.
+      },
+      "policyApiLifeycle": { # Deprecated field because of typo.
         "description": "A String", # Description about current life cycle.
         "endSupport": { # Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp # End supporting date for current policy.
           "day": 42, # Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant.
diff --git a/docs/dyn/cloudbilling_v1.billingAccounts.html b/docs/dyn/cloudbilling_v1.billingAccounts.html
index df412e65ca9..1586c0b1527 100644
--- a/docs/dyn/cloudbilling_v1.billingAccounts.html
+++ b/docs/dyn/cloudbilling_v1.billingAccounts.html
@@ -202,7 +202,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -321,7 +321,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -363,7 +363,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.html b/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.html
index 4fe19db10b6..e1deb450e00 100644
--- a/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.html
+++ b/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.html
@@ -326,7 +326,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -530,7 +530,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -572,7 +572,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.releases.rollouts.html b/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.releases.rollouts.html
index a746b06f177..a8c06e52e2d 100644
--- a/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.releases.rollouts.html
+++ b/docs/dyn/clouddeploy_v1.projects.locations.deliveryPipelines.releases.rollouts.html
@@ -140,13 +140,13 @@ 
Method Details

   "approveTime": "A String", # Output only. Time at which the `Rollout` was approved.
   "createTime": "A String", # Output only. Time at which the `Rollout` was created.
   "deployEndTime": "A String", # Output only. Time at which the `Rollout` finished deploying.
-  "deployFailureCause": "A String", # Output only. The reason this deploy failed. This will always be unspecified while the deploy in progress.
+  "deployFailureCause": "A String", # Output only. The reason this rollout failed. This will always be unspecified while the rollout is in progress.
   "deployStartTime": "A String", # Output only. Time at which the `Rollout` started deploying.
   "deployingBuild": "A String", # Output only. The resource name of the Cloud Build `Build` object that is used to deploy the Rollout. Format is `projects/{project}/locations/{location}/builds/{build}`.
   "description": "A String", # Description of the `Rollout` for user purposes. Max length is 255 characters.
   "enqueueTime": "A String", # Output only. Time at which the `Rollout` was enqueued.
   "etag": "A String", # This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
-  "failureReason": "A String", # Output only. Reason the build failed. Empty if the build succeeded.
+  "failureReason": "A String", # Output only. Additional information about the rollout failure, if available.
   "labels": { # Labels are attributes that can be set and used by both the user and by Google Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes.
     "a_key": "A String",
   },
@@ -210,13 +210,13 @@ 
Method Details

   "approveTime": "A String", # Output only. Time at which the `Rollout` was approved.
   "createTime": "A String", # Output only. Time at which the `Rollout` was created.
   "deployEndTime": "A String", # Output only. Time at which the `Rollout` finished deploying.
-  "deployFailureCause": "A String", # Output only. The reason this deploy failed. This will always be unspecified while the deploy in progress.
+  "deployFailureCause": "A String", # Output only. The reason this rollout failed. This will always be unspecified while the rollout is in progress.
   "deployStartTime": "A String", # Output only. Time at which the `Rollout` started deploying.
   "deployingBuild": "A String", # Output only. The resource name of the Cloud Build `Build` object that is used to deploy the Rollout. Format is `projects/{project}/locations/{location}/builds/{build}`.
   "description": "A String", # Description of the `Rollout` for user purposes. Max length is 255 characters.
   "enqueueTime": "A String", # Output only. Time at which the `Rollout` was enqueued.
   "etag": "A String", # This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
-  "failureReason": "A String", # Output only. Reason the build failed. Empty if the build succeeded.
+  "failureReason": "A String", # Output only. Additional information about the rollout failure, if available.
   "labels": { # Labels are attributes that can be set and used by both the user and by Google Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes.
     "a_key": "A String",
   },
@@ -256,13 +256,13 @@ 
Method Details

       "approveTime": "A String", # Output only. Time at which the `Rollout` was approved.
       "createTime": "A String", # Output only. Time at which the `Rollout` was created.
       "deployEndTime": "A String", # Output only. Time at which the `Rollout` finished deploying.
-      "deployFailureCause": "A String", # Output only. The reason this deploy failed. This will always be unspecified while the deploy in progress.
+      "deployFailureCause": "A String", # Output only. The reason this rollout failed. This will always be unspecified while the rollout is in progress.
       "deployStartTime": "A String", # Output only. Time at which the `Rollout` started deploying.
       "deployingBuild": "A String", # Output only. The resource name of the Cloud Build `Build` object that is used to deploy the Rollout. Format is `projects/{project}/locations/{location}/builds/{build}`.
       "description": "A String", # Description of the `Rollout` for user purposes. Max length is 255 characters.
       "enqueueTime": "A String", # Output only. Time at which the `Rollout` was enqueued.
       "etag": "A String", # This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
-      "failureReason": "A String", # Output only. Reason the build failed. Empty if the build succeeded.
+      "failureReason": "A String", # Output only. Additional information about the rollout failure, if available.
       "labels": { # Labels are attributes that can be set and used by both the user and by Google Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes.
         "a_key": "A String",
       },
diff --git a/docs/dyn/clouddeploy_v1.projects.locations.targets.html b/docs/dyn/clouddeploy_v1.projects.locations.targets.html
index 8b1766aff46..b35045586e0 100644
--- a/docs/dyn/clouddeploy_v1.projects.locations.targets.html
+++ b/docs/dyn/clouddeploy_v1.projects.locations.targets.html
@@ -330,7 +330,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -544,7 +544,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -586,7 +586,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.backendBuckets.html b/docs/dyn/compute_beta.backendBuckets.html
index 9e7d72040bb..0e68b628352 100644
--- a/docs/dyn/compute_beta.backendBuckets.html
+++ b/docs/dyn/compute_beta.backendBuckets.html
@@ -496,7 +496,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1042,7 +1042,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1076,7 +1076,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1171,7 +1171,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.backendServices.html b/docs/dyn/compute_beta.backendServices.html
index 2bc01243fd8..1b7408e780d 100644
--- a/docs/dyn/compute_beta.backendServices.html
+++ b/docs/dyn/compute_beta.backendServices.html
@@ -945,7 +945,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1902,7 +1902,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1936,7 +1936,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -2031,7 +2031,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.disks.html b/docs/dyn/compute_beta.disks.html
index 6db4d91e6c1..359d76dae86 100644
--- a/docs/dyn/compute_beta.disks.html
+++ b/docs/dyn/compute_beta.disks.html
@@ -766,7 +766,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1354,7 +1354,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1388,7 +1388,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1483,7 +1483,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.firewallPolicies.html b/docs/dyn/compute_beta.firewallPolicies.html
index 8d6b61c1597..b213a857d27 100644
--- a/docs/dyn/compute_beta.firewallPolicies.html
+++ b/docs/dyn/compute_beta.firewallPolicies.html
@@ -731,7 +731,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1826,7 +1826,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1860,7 +1860,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1955,7 +1955,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.globalNetworkEndpointGroups.html b/docs/dyn/compute_beta.globalNetworkEndpointGroups.html
index 0914faff6f7..3481235193e 100644
--- a/docs/dyn/compute_beta.globalNetworkEndpointGroups.html
+++ b/docs/dyn/compute_beta.globalNetworkEndpointGroups.html
@@ -449,6 +449,11 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
   "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+  "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+    "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+    "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+    "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+  },
   "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -505,6 +510,11 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
   "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+  "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+    "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+    "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+    "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+  },
   "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -652,6 +662,11 @@ 
Method Details

       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
       "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+      "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+        "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+        "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+        "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+      },
       "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
       "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
diff --git a/docs/dyn/compute_beta.images.html b/docs/dyn/compute_beta.images.html
index b759c2e4c5d..5ad40b5b62e 100644
--- a/docs/dyn/compute_beta.images.html
+++ b/docs/dyn/compute_beta.images.html
@@ -623,7 +623,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1293,7 +1293,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1327,7 +1327,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1422,7 +1422,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.instanceTemplates.html b/docs/dyn/compute_beta.instanceTemplates.html
index 10fa91f7225..2bbe48b35fa 100644
--- a/docs/dyn/compute_beta.instanceTemplates.html
+++ b/docs/dyn/compute_beta.instanceTemplates.html
@@ -522,7 +522,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1282,7 +1282,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1316,7 +1316,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1411,7 +1411,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.instances.html b/docs/dyn/compute_beta.instances.html
index 6f980533b13..b32f4db3bf8 100644
--- a/docs/dyn/compute_beta.instances.html
+++ b/docs/dyn/compute_beta.instances.html
@@ -2101,6 +2101,40 @@ 
Method Details

             },
             "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
           },
+          "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+            "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+              {
+                "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+                  "A String",
+                ],
+                "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+              },
+            ],
+          },
           "preview": True or False, # If set to true, the specified action is not enforced.
           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -2221,7 +2255,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -3673,7 +3707,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -3707,7 +3741,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -3802,7 +3836,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.licenses.html b/docs/dyn/compute_beta.licenses.html
index fe37b92fcc5..8210dd2f204 100644
--- a/docs/dyn/compute_beta.licenses.html
+++ b/docs/dyn/compute_beta.licenses.html
@@ -268,7 +268,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -519,7 +519,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -553,7 +553,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -648,7 +648,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.machineImages.html b/docs/dyn/compute_beta.machineImages.html
index f01c28791e9..d5eccb4fb41 100644
--- a/docs/dyn/compute_beta.machineImages.html
+++ b/docs/dyn/compute_beta.machineImages.html
@@ -690,7 +690,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1787,7 +1787,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1821,7 +1821,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1916,7 +1916,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.networkEndpointGroups.html b/docs/dyn/compute_beta.networkEndpointGroups.html
index bc9a6e240c4..265c8fde3a3 100644
--- a/docs/dyn/compute_beta.networkEndpointGroups.html
+++ b/docs/dyn/compute_beta.networkEndpointGroups.html
@@ -171,6 +171,11 @@ 
Method Details

           "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
           "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+          "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+            "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+            "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+            "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+          },
           "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
           "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -578,6 +583,11 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
   "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+  "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+    "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+    "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+    "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+  },
   "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -635,6 +645,11 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
   "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+  "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+    "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+    "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+    "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+  },
   "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -783,6 +798,11 @@ 
Method Details

       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
       "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+      "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+        "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+        "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+        "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+      },
       "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
       "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
diff --git a/docs/dyn/compute_beta.networkFirewallPolicies.html b/docs/dyn/compute_beta.networkFirewallPolicies.html
index 9301b7bc06c..f96b6864feb 100644
--- a/docs/dyn/compute_beta.networkFirewallPolicies.html
+++ b/docs/dyn/compute_beta.networkFirewallPolicies.html
@@ -734,7 +734,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1721,7 +1721,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1755,7 +1755,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1850,7 +1850,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.networks.html b/docs/dyn/compute_beta.networks.html
index 0ca654274a4..187ad18ca41 100644
--- a/docs/dyn/compute_beta.networks.html
+++ b/docs/dyn/compute_beta.networks.html
@@ -561,6 +561,40 @@ 
Method Details

             },
             "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
           },
+          "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+            "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+              {
+                "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+                  "A String",
+                ],
+                "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+              },
+            ],
+          },
           "preview": True or False, # If set to true, the specified action is not enforced.
           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
diff --git a/docs/dyn/compute_beta.nodeGroups.html b/docs/dyn/compute_beta.nodeGroups.html
index 4c0c99636fa..f8860aa1fc9 100644
--- a/docs/dyn/compute_beta.nodeGroups.html
+++ b/docs/dyn/compute_beta.nodeGroups.html
@@ -617,7 +617,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1153,7 +1153,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1187,7 +1187,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1282,7 +1282,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.nodeTemplates.html b/docs/dyn/compute_beta.nodeTemplates.html
index b7c5f4e9716..0d50cb79f9d 100644
--- a/docs/dyn/compute_beta.nodeTemplates.html
+++ b/docs/dyn/compute_beta.nodeTemplates.html
@@ -407,7 +407,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -706,7 +706,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -740,7 +740,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -835,7 +835,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.organizationSecurityPolicies.html b/docs/dyn/compute_beta.organizationSecurityPolicies.html
index ca3f8231176..5a335a0f7b7 100644
--- a/docs/dyn/compute_beta.organizationSecurityPolicies.html
+++ b/docs/dyn/compute_beta.organizationSecurityPolicies.html
@@ -270,6 +270,40 @@ 
Method Details

     },
     "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
   },
+  "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+    "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+      {
+        "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+          "A String",
+        ],
+        "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+      },
+    ],
+  },
   "preview": True or False, # If set to true, the specified action is not enforced.
   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -664,6 +698,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -782,6 +850,40 @@ 
Method Details

     },
     "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
   },
+  "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+    "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+      {
+        "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+          "A String",
+        ],
+        "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+      },
+    ],
+  },
   "preview": True or False, # If set to true, the specified action is not enforced.
   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -916,6 +1018,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -1148,6 +1284,40 @@ 
Method Details

             },
             "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
           },
+          "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+            "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+              {
+                "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+                  "A String",
+                ],
+                "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+              },
+            ],
+          },
           "preview": True or False, # If set to true, the specified action is not enforced.
           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -1429,6 +1599,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -1596,6 +1800,40 @@ 
Method Details

     },
     "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
   },
+  "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+    "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+      {
+        "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+          "A String",
+        ],
+        "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+      },
+    ],
+  },
   "preview": True or False, # If set to true, the specified action is not enforced.
   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
diff --git a/docs/dyn/compute_beta.regionBackendServices.html b/docs/dyn/compute_beta.regionBackendServices.html
index c54c0941f64..ea73d1e3fcf 100644
--- a/docs/dyn/compute_beta.regionBackendServices.html
+++ b/docs/dyn/compute_beta.regionBackendServices.html
@@ -495,7 +495,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1363,7 +1363,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1397,7 +1397,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1492,7 +1492,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.regionCommitments.html b/docs/dyn/compute_beta.regionCommitments.html
index d419bc65da3..c261eac062d 100644
--- a/docs/dyn/compute_beta.regionCommitments.html
+++ b/docs/dyn/compute_beta.regionCommitments.html
@@ -154,6 +154,9 @@ 
Method Details

               "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
               "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
               "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+              "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+                "a_key": "A String",
+              },
               "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
               "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
               "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -300,6 +303,9 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+        "a_key": "A String",
+      },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
       "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -391,6 +397,9 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+        "a_key": "A String",
+      },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
       "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -573,6 +582,9 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+            "a_key": "A String",
+          },
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
           "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -726,6 +738,9 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+        "a_key": "A String",
+      },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
       "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -883,6 +898,9 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+        "a_key": "A String",
+      },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
       "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
diff --git a/docs/dyn/compute_beta.regionDisks.html b/docs/dyn/compute_beta.regionDisks.html
index a6b878ee43b..0c7557caefb 100644
--- a/docs/dyn/compute_beta.regionDisks.html
+++ b/docs/dyn/compute_beta.regionDisks.html
@@ -602,7 +602,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1190,7 +1190,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1224,7 +1224,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1319,7 +1319,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.regionNetworkEndpointGroups.html b/docs/dyn/compute_beta.regionNetworkEndpointGroups.html
index df8619285ab..ecf75cd2e36 100644
--- a/docs/dyn/compute_beta.regionNetworkEndpointGroups.html
+++ b/docs/dyn/compute_beta.regionNetworkEndpointGroups.html
@@ -233,6 +233,11 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
   "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+  "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+    "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+    "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+    "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+  },
   "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -290,6 +295,11 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
   "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+  "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+    "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+    "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+    "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+  },
   "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -438,6 +448,11 @@ 
Method Details

       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified.
       "networkEndpointType": "A String", # Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.
+      "pscData": { # All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
+        "consumerPscAddress": "A String", # [Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.
+        "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.
+        "pscConnectionStatus": "A String", # [Output Only] The connection status of the PSC Forwarding Rule.
+      },
       "pscTargetService": "A String", # The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: "asia-northeast3-cloudkms.googleapis.com"
       "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
diff --git a/docs/dyn/compute_beta.regionNetworkFirewallPolicies.html b/docs/dyn/compute_beta.regionNetworkFirewallPolicies.html
index bb80aae39a5..1ff542203ac 100644
--- a/docs/dyn/compute_beta.regionNetworkFirewallPolicies.html
+++ b/docs/dyn/compute_beta.regionNetworkFirewallPolicies.html
@@ -889,7 +889,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1884,7 +1884,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1918,7 +1918,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -2013,7 +2013,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.regionSecurityPolicies.html b/docs/dyn/compute_beta.regionSecurityPolicies.html
index 409198d8002..185f0cc9b72 100644
--- a/docs/dyn/compute_beta.regionSecurityPolicies.html
+++ b/docs/dyn/compute_beta.regionSecurityPolicies.html
@@ -294,6 +294,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -435,6 +469,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -668,6 +736,40 @@ 
Method Details

             },
             "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
           },
+          "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+            "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+              {
+                "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+                  "A String",
+                ],
+                "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+              },
+            ],
+          },
           "preview": True or False, # If set to true, the specified action is not enforced.
           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -838,6 +940,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
diff --git a/docs/dyn/compute_beta.reservations.html b/docs/dyn/compute_beta.reservations.html
index bb9944588c1..a20abeb6f8c 100644
--- a/docs/dyn/compute_beta.reservations.html
+++ b/docs/dyn/compute_beta.reservations.html
@@ -146,6 +146,9 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+            "a_key": "A String",
+          },
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
           "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -348,6 +351,9 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+    "a_key": "A String",
+  },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -435,7 +441,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -512,6 +518,9 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+    "a_key": "A String",
+  },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -663,6 +672,9 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+        "a_key": "A String",
+      },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
       "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
@@ -850,7 +862,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -884,7 +896,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -979,7 +991,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1089,6 +1101,9 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#reservation", # [Output Only] Type of the resource. Always compute#reservations for reservations.
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "resourcePolicies": { # Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.
+    "a_key": "A String",
+  },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
diff --git a/docs/dyn/compute_beta.resourcePolicies.html b/docs/dyn/compute_beta.resourcePolicies.html
index 779a98ac78c..ad318d08516 100644
--- a/docs/dyn/compute_beta.resourcePolicies.html
+++ b/docs/dyn/compute_beta.resourcePolicies.html
@@ -472,7 +472,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -836,7 +836,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -870,7 +870,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -965,7 +965,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.securityPolicies.html b/docs/dyn/compute_beta.securityPolicies.html
index 2ae85b59b60..d2d5ea40990 100644
--- a/docs/dyn/compute_beta.securityPolicies.html
+++ b/docs/dyn/compute_beta.securityPolicies.html
@@ -172,6 +172,40 @@ 
Method Details

     },
     "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
   },
+  "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+    "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+      {
+        "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+          "A String",
+        ],
+        "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+      },
+    ],
+  },
   "preview": True or False, # If set to true, the specified action is not enforced.
   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -402,6 +436,40 @@ 
Method Details

                 },
                 "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
               },
+              "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+                "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+                  {
+                    "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                      {
+                        "op": "A String", # The match operator for the field.
+                        "val": "A String", # The value of the field.
+                      },
+                    ],
+                    "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                      {
+                        "op": "A String", # The match operator for the field.
+                        "val": "A String", # The value of the field.
+                      },
+                    ],
+                    "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+                      {
+                        "op": "A String", # The match operator for the field.
+                        "val": "A String", # The value of the field.
+                      },
+                    ],
+                    "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+                      {
+                        "op": "A String", # The match operator for the field.
+                        "val": "A String", # The value of the field.
+                      },
+                    ],
+                    "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+                      "A String",
+                    ],
+                    "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+                  },
+                ],
+              },
               "preview": True or False, # If set to true, the specified action is not enforced.
               "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
               "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -683,6 +751,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -779,6 +881,40 @@ 
Method Details

     },
     "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
   },
+  "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+    "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+      {
+        "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+          "A String",
+        ],
+        "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+      },
+    ],
+  },
   "preview": True or False, # If set to true, the specified action is not enforced.
   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -914,6 +1050,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -1146,6 +1316,40 @@ 
Method Details

             },
             "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
           },
+          "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+            "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+              {
+                "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+                  {
+                    "op": "A String", # The match operator for the field.
+                    "val": "A String", # The value of the field.
+                  },
+                ],
+                "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+                  "A String",
+                ],
+                "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+              },
+            ],
+          },
           "preview": True or False, # If set to true, the specified action is not enforced.
           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -1355,6 +1559,40 @@ 
Method Details

         },
         "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
       },
+      "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+        "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+          {
+            "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+              {
+                "op": "A String", # The match operator for the field.
+                "val": "A String", # The value of the field.
+              },
+            ],
+            "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+              "A String",
+            ],
+            "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+          },
+        ],
+      },
       "preview": True or False, # If set to true, the specified action is not enforced.
       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
@@ -1523,6 +1761,40 @@ 
Method Details

     },
     "versionedExpr": "A String", # Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.
   },
+  "preconfiguredWafConfig": { # Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect.
+    "exclusions": [ # A list of exclusions to apply during preconfigured WAF evaluation.
+      {
+        "requestCookiesToExclude": [ # A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestHeadersToExclude": [ # A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestQueryParamsToExclude": [ # A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "requestUrisToExclude": [ # A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.
+          {
+            "op": "A String", # The match operator for the field.
+            "val": "A String", # The value of the field.
+          },
+        ],
+        "targetRuleIds": [ # A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.
+          "A String",
+        ],
+        "targetRuleSet": "A String", # Target WAF rule set to apply the preconfigured WAF exclusion.
+      },
+    ],
+  },
   "preview": True or False, # If set to true, the specified action is not enforced.
   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "rateLimitOptions": { # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
diff --git a/docs/dyn/compute_beta.serviceAttachments.html b/docs/dyn/compute_beta.serviceAttachments.html
index d5b54a2e8ec..9e0899c90f0 100644
--- a/docs/dyn/compute_beta.serviceAttachments.html
+++ b/docs/dyn/compute_beta.serviceAttachments.html
@@ -416,7 +416,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -852,7 +852,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -886,7 +886,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -981,7 +981,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.snapshots.html b/docs/dyn/compute_beta.snapshots.html
index 8a7aa54caed..887947f0591 100644
--- a/docs/dyn/compute_beta.snapshots.html
+++ b/docs/dyn/compute_beta.snapshots.html
@@ -311,7 +311,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -643,7 +643,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -677,7 +677,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -772,7 +772,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/compute_beta.subnetworks.html b/docs/dyn/compute_beta.subnetworks.html
index d5d7abf3cca..355c23ad360 100644
--- a/docs/dyn/compute_beta.subnetworks.html
+++ b/docs/dyn/compute_beta.subnetworks.html
@@ -524,7 +524,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1035,7 +1035,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1069,7 +1069,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1164,7 +1164,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/content_v2_1.accounts.html b/docs/dyn/content_v2_1.accounts.html
index f4da1c7ab0d..3ce8900b369 100644
--- a/docs/dyn/content_v2_1.accounts.html
+++ b/docs/dyn/content_v2_1.accounts.html
@@ -257,7 +257,7 @@ 
Method Details

           "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
           "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
         },
-        "id": "A String", # Required for update. Merchant Center account ID.
+        "id": "A String", # Required. 64-bit Merchant Center account ID.
         "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
         "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
           "A String",
@@ -373,7 +373,7 @@ 
Method Details

           "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
           "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
         },
-        "id": "A String", # Required for update. Merchant Center account ID.
+        "id": "A String", # Required. 64-bit Merchant Center account ID.
         "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
         "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
           "A String",
@@ -509,7 +509,7 @@ 
Method Details

     "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
     "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
   },
-  "id": "A String", # Required for update. Merchant Center account ID.
+  "id": "A String", # Required. 64-bit Merchant Center account ID.
   "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
   "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
     "A String",
@@ -603,7 +603,7 @@ 
Method Details

     "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
     "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
   },
-  "id": "A String", # Required for update. Merchant Center account ID.
+  "id": "A String", # Required. 64-bit Merchant Center account ID.
   "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
   "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
     "A String",
@@ -695,7 +695,7 @@ 
Method Details

     "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
     "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
   },
-  "id": "A String", # Required for update. Merchant Center account ID.
+  "id": "A String", # Required. 64-bit Merchant Center account ID.
   "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
   "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
     "A String",
@@ -845,7 +845,7 @@ 
Method Details

         "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
         "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
       },
-      "id": "A String", # Required for update. Merchant Center account ID.
+      "id": "A String", # Required. 64-bit Merchant Center account ID.
       "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
       "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
         "A String",
@@ -1034,7 +1034,7 @@ 
Method Details

     "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
     "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
   },
-  "id": "A String", # Required for update. Merchant Center account ID.
+  "id": "A String", # Required. 64-bit Merchant Center account ID.
   "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
   "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
     "A String",
@@ -1126,7 +1126,7 @@ 
Method Details

     "gmbEmail": "A String", # The Business Profile email address of a specific account within a Business Profile. A sample account within a Business Profile could be a business account with set of locations, managed under the Business Profile.
     "status": "A String", # Status of the link between this Merchant Center account and the Business Profile. Acceptable values are: - "`active`" - "`pending`"
   },
-  "id": "A String", # Required for update. Merchant Center account ID.
+  "id": "A String", # Required. 64-bit Merchant Center account ID.
   "kind": "A String", # Identifies what kind of resource this is. Value: the fixed string "`content#account`".
   "labelIds": [ # Manually created label IDs that are assigned to the account by CSS.
     "A String",
diff --git a/docs/dyn/dataflow_v1b3.projects.locations.flexTemplates.html b/docs/dyn/dataflow_v1b3.projects.locations.flexTemplates.html
index a0cce9ddd26..82e43c89063 100644
--- a/docs/dyn/dataflow_v1b3.projects.locations.flexTemplates.html
+++ b/docs/dyn/dataflow_v1b3.projects.locations.flexTemplates.html
@@ -109,6 +109,7 @@ 
Method Details

         "autoscalingAlgorithm": "A String", # The algorithm to use for autoscaling
         "diskSizeGb": 42, # Worker disk size, in gigabytes.
         "dumpHeapOnOom": True or False, # If true, when processing time is spent almost entirely on garbage collection (GC), saves a heap dump before ending the thread or process. If false, ends the thread or process without saving a heap dump. Does not save a heap dump when the Java Virtual Machine (JVM) has an out of memory error during processing. The location of the heap file is either echoed back to the user, or the user is given the opportunity to download the heap file.
+        "enableLauncherVmSerialPortLogging": True or False, # If true serial port logging will be enabled for the launcher VM.
         "enableStreamingEngine": True or False, # Whether to enable Streaming Engine for the job.
         "flexrsGoal": "A String", # Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs
         "ipConfiguration": "A String", # Configuration for VM IPs.
@@ -167,6 +168,7 @@ 
Method Details

       "autoscalingAlgorithm": "A String", # The algorithm to use for autoscaling
       "diskSizeGb": 42, # Worker disk size, in gigabytes.
       "dumpHeapOnOom": True or False, # If true, when processing time is spent almost entirely on garbage collection (GC), saves a heap dump before ending the thread or process. If false, ends the thread or process without saving a heap dump. Does not save a heap dump when the Java Virtual Machine (JVM) has an out of memory error during processing. The location of the heap file is either echoed back to the user, or the user is given the opportunity to download the heap file.
+      "enableLauncherVmSerialPortLogging": True or False, # If true serial port logging will be enabled for the launcher VM.
       "enableStreamingEngine": True or False, # Whether to enable Streaming Engine for the job.
       "flexrsGoal": "A String", # Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs
       "ipConfiguration": "A String", # Configuration for VM IPs.
diff --git a/docs/dyn/dataplex_v1.projects.locations.lakes.content.html b/docs/dyn/dataplex_v1.projects.locations.lakes.content.html
index 723dea25de2..c79a471c575 100644
--- a/docs/dyn/dataplex_v1.projects.locations.lakes.content.html
+++ b/docs/dyn/dataplex_v1.projects.locations.lakes.content.html
@@ -261,7 +261,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -418,7 +418,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -460,7 +460,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
diff --git a/docs/dyn/dataplex_v1.projects.locations.lakes.contentitems.html b/docs/dyn/dataplex_v1.projects.locations.lakes.contentitems.html
index 5be58f47d6b..0d5d74ae207 100644
--- a/docs/dyn/dataplex_v1.projects.locations.lakes.contentitems.html
+++ b/docs/dyn/dataplex_v1.projects.locations.lakes.contentitems.html
@@ -261,7 +261,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -418,7 +418,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -460,7 +460,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
diff --git a/docs/dyn/dataplex_v1.projects.locations.lakes.environments.html b/docs/dyn/dataplex_v1.projects.locations.lakes.environments.html
index a0534fc4a7f..16edb61f1b9 100644
--- a/docs/dyn/dataplex_v1.projects.locations.lakes.environments.html
+++ b/docs/dyn/dataplex_v1.projects.locations.lakes.environments.html
@@ -328,7 +328,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -535,7 +535,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -577,7 +577,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
diff --git a/docs/dyn/dataplex_v1.projects.locations.lakes.html b/docs/dyn/dataplex_v1.projects.locations.lakes.html
index 6b76aca4db6..f8642f5b1ba 100644
--- a/docs/dyn/dataplex_v1.projects.locations.lakes.html
+++ b/docs/dyn/dataplex_v1.projects.locations.lakes.html
@@ -323,7 +323,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -503,7 +503,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -545,7 +545,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
diff --git a/docs/dyn/dataplex_v1.projects.locations.lakes.tasks.html b/docs/dyn/dataplex_v1.projects.locations.lakes.tasks.html
index b084fd7381e..24f56f63c0f 100644
--- a/docs/dyn/dataplex_v1.projects.locations.lakes.tasks.html
+++ b/docs/dyn/dataplex_v1.projects.locations.lakes.tasks.html
@@ -404,7 +404,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -690,7 +690,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -732,7 +732,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
diff --git a/docs/dyn/dataplex_v1.projects.locations.lakes.zones.assets.html b/docs/dyn/dataplex_v1.projects.locations.lakes.zones.assets.html
index 4c888152871..438d1c1c34a 100644
--- a/docs/dyn/dataplex_v1.projects.locations.lakes.zones.assets.html
+++ b/docs/dyn/dataplex_v1.projects.locations.lakes.zones.assets.html
@@ -362,7 +362,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -603,7 +603,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -645,7 +645,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
diff --git a/docs/dyn/dataplex_v1.projects.locations.lakes.zones.html b/docs/dyn/dataplex_v1.projects.locations.lakes.zones.html
index e433eeda46c..9ff5a464880 100644
--- a/docs/dyn/dataplex_v1.projects.locations.lakes.zones.html
+++ b/docs/dyn/dataplex_v1.projects.locations.lakes.zones.html
@@ -336,7 +336,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -541,7 +541,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
@@ -583,7 +583,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.
diff --git a/docs/dyn/dataproc_v1.projects.locations.batches.html b/docs/dyn/dataproc_v1.projects.locations.batches.html
index 4e607140821..976d4a2b52b 100644
--- a/docs/dyn/dataproc_v1.projects.locations.batches.html
+++ b/docs/dyn/dataproc_v1.projects.locations.batches.html
@@ -112,6 +112,7 @@ 
Method Details

   "creator": "A String", # Output only. The email address of the user who created the batch.
   "environmentConfig": { # Environment configuration for a workload. # Optional. Environment configuration for the batch execution.
     "executionConfig": { # Execution configuration for a workload. # Optional. Execution configuration for a workload.
+      "idleTtl": "A String", # Optional. The duration to keep the underlying cluster alive while idling Passing this threshold will cause the cluster to be terminated. Minimum value is 30 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).
       "kmsKey": "A String", # Optional. The Cloud KMS key to use for encryption.
       "networkTags": [ # Optional. Tags used for network traffic control.
         "A String",
@@ -282,6 +283,7 @@ 
Method Details

   "creator": "A String", # Output only. The email address of the user who created the batch.
   "environmentConfig": { # Environment configuration for a workload. # Optional. Environment configuration for the batch execution.
     "executionConfig": { # Execution configuration for a workload. # Optional. Execution configuration for a workload.
+      "idleTtl": "A String", # Optional. The duration to keep the underlying cluster alive while idling Passing this threshold will cause the cluster to be terminated. Minimum value is 30 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).
       "kmsKey": "A String", # Optional. The Cloud KMS key to use for encryption.
       "networkTags": [ # Optional. Tags used for network traffic control.
         "A String",
@@ -408,6 +410,7 @@ 
Method Details

       "creator": "A String", # Output only. The email address of the user who created the batch.
       "environmentConfig": { # Environment configuration for a workload. # Optional. Environment configuration for the batch execution.
         "executionConfig": { # Execution configuration for a workload. # Optional. Execution configuration for a workload.
+          "idleTtl": "A String", # Optional. The duration to keep the underlying cluster alive while idling Passing this threshold will cause the cluster to be terminated. Minimum value is 30 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).
           "kmsKey": "A String", # Optional. The Cloud KMS key to use for encryption.
           "networkTags": [ # Optional. Tags used for network traffic control.
             "A String",
diff --git a/docs/dyn/datastore_v1beta3.projects.html b/docs/dyn/datastore_v1beta3.projects.html
index 11cb4313e7e..c3b557ac32e 100644
--- a/docs/dyn/datastore_v1beta3.projects.html
+++ b/docs/dyn/datastore_v1beta3.projects.html
@@ -233,7 +233,40 @@ 
Method Details

           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": # Object with schema name: Value
+          "a_key": { # A message that can hold any of the supported value types and associated metadata.
+            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
+              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
+                # Object with schema name: Value
+              ],
+            },
+            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
+            "booleanValue": True or False, # A boolean value.
+            "doubleValue": 3.14, # A double value.
+            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
+            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+            },
+            "integerValue": "A String", # An integer value.
+            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                },
+              ],
+            },
+            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
+            "nullValue": "A String", # A null value.
+            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
+            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
+          },
         },
       },
       "update": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # The entity to update. The entity must already exist. Must have a complete key path.
@@ -251,7 +284,40 @@ 
Method Details

           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": # Object with schema name: Value
+          "a_key": { # A message that can hold any of the supported value types and associated metadata.
+            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
+              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
+                # Object with schema name: Value
+              ],
+            },
+            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
+            "booleanValue": True or False, # A boolean value.
+            "doubleValue": 3.14, # A double value.
+            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
+            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+            },
+            "integerValue": "A String", # An integer value.
+            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                },
+              ],
+            },
+            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
+            "nullValue": "A String", # A null value.
+            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
+            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
+          },
         },
       },
       "updateTime": "A String", # The update time of the entity that this mutation is being applied to. If this does not match the current update time on the server, the mutation conflicts.
@@ -270,7 +336,40 @@ 
Method Details

           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": # Object with schema name: Value
+          "a_key": { # A message that can hold any of the supported value types and associated metadata.
+            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
+              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
+                # Object with schema name: Value
+              ],
+            },
+            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
+            "booleanValue": True or False, # A boolean value.
+            "doubleValue": 3.14, # A double value.
+            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
+            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+            },
+            "integerValue": "A String", # An integer value.
+            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                },
+              ],
+            },
+            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
+            "nullValue": "A String", # A null value.
+            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
+            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
+          },
         },
       },
     },
@@ -386,7 +485,40 @@ 
Method Details

           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": # Object with schema name: Value
+          "a_key": { # A message that can hold any of the supported value types and associated metadata.
+            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
+              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
+                # Object with schema name: Value
+              ],
+            },
+            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
+            "booleanValue": True or False, # A boolean value.
+            "doubleValue": 3.14, # A double value.
+            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
+            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+            },
+            "integerValue": "A String", # An integer value.
+            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                },
+              ],
+            },
+            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
+            "nullValue": "A String", # A null value.
+            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
+            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
+          },
         },
       },
       "updateTime": "A String", # The time at which the entity was last changed. This field is set for `FULL` entity results. If this entity is missing, this field will not be set.
@@ -411,7 +543,40 @@ 
Method Details

           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": # Object with schema name: Value
+          "a_key": { # A message that can hold any of the supported value types and associated metadata.
+            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
+              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
+                # Object with schema name: Value
+              ],
+            },
+            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
+            "booleanValue": True or False, # A boolean value.
+            "doubleValue": 3.14, # A double value.
+            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
+            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+            },
+            "integerValue": "A String", # An integer value.
+            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                },
+              ],
+            },
+            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
+            "nullValue": "A String", # A null value.
+            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
+            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
+          },
         },
       },
       "updateTime": "A String", # The time at which the entity was last changed. This field is set for `FULL` entity results. If this entity is missing, this field will not be set.
@@ -511,24 +676,7 @@ 
Method Details

           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                },
-              ],
-            },
-            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-              "a_key": # Object with schema name: Value
-            },
-          },
+          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
@@ -567,24 +715,7 @@ 
Method Details

           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                },
-              ],
-            },
-            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-              "a_key": # Object with schema name: Value
-            },
-          },
+          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
@@ -645,24 +776,7 @@ 
Method Details

           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                },
-              ],
-            },
-            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-              "a_key": # Object with schema name: Value
-            },
-          },
+          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
@@ -750,7 +864,40 @@ 
Method Details

             ],
           },
           "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-            "a_key": # Object with schema name: Value
+            "a_key": { # A message that can hold any of the supported value types and associated metadata.
+              "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
+                "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
+                  # Object with schema name: Value
+                ],
+              },
+              "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
+              "booleanValue": True or False, # A boolean value.
+              "doubleValue": 3.14, # A double value.
+              "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+              "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
+              "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+              },
+              "integerValue": "A String", # An integer value.
+              "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
+                "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                  "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                  "projectId": "A String", # The ID of the project to which the entities belong.
+                },
+                "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                  { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                    "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                    "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                    "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
+                  },
+                ],
+              },
+              "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
+              "nullValue": "A String", # A null value.
+              "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
+              "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
+            },
           },
         },
         "updateTime": "A String", # The time at which the entity was last changed. This field is set for `FULL` entity results. If this entity is missing, this field will not be set.
@@ -791,24 +938,7 @@ 
Method Details

           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy values that are not valid UTF-8 are encoded as `__bytes__` where `` is the base-64 encoding of the bytes.
-                },
-              ],
-            },
-            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-              "a_key": # Object with schema name: Value
-            },
-          },
+          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
diff --git a/docs/dyn/displayvideo_v1.advertisers.insertionOrders.html b/docs/dyn/displayvideo_v1.advertisers.insertionOrders.html
index d7f9432a567..dd626b0f026 100644
--- a/docs/dyn/displayvideo_v1.advertisers.insertionOrders.html
+++ b/docs/dyn/displayvideo_v1.advertisers.insertionOrders.html
@@ -645,7 +645,7 @@ 
Method Details

 
 Args:
   advertiserId: string, The ID of the advertiser this insertion order belongs to. (required)
-  insertionOrderId: string, The ID of the insertion order we need to delete. (required)
+  insertionOrderId: string, The ID of the insertion order to delete. (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
diff --git a/docs/dyn/displayvideo_v1.advertisers.lineItems.html b/docs/dyn/displayvideo_v1.advertisers.lineItems.html
index 398c9047acc..0a8868b1d83 100644
--- a/docs/dyn/displayvideo_v1.advertisers.lineItems.html
+++ b/docs/dyn/displayvideo_v1.advertisers.lineItems.html
@@ -1347,7 +1347,7 @@ 
Method Details

 
 Args:
   advertiserId: string, The ID of the advertiser this line item belongs to. (required)
-  lineItemId: string, The ID of the line item we need to fetch. (required)
+  lineItemId: string, The ID of the line item to delete. (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
diff --git a/docs/dyn/displayvideo_v1.advertisers.targetingTypes.assignedTargetingOptions.html b/docs/dyn/displayvideo_v1.advertisers.targetingTypes.assignedTargetingOptions.html
index e07b523e016..7b0f132fdea 100644
--- a/docs/dyn/displayvideo_v1.advertisers.targetingTypes.assignedTargetingOptions.html
+++ b/docs/dyn/displayvideo_v1.advertisers.targetingTypes.assignedTargetingOptions.html
@@ -841,7 +841,7 @@ 
Method Details

 
 Args:
   advertiserId: string, Required. The ID of the advertiser. (required)
-  targetingType: string, Required. Identifies the type of this assigned targeting option. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION` (required)
+  targetingType: string, Required. Identifies the type of this assigned targeting option. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION` * `TARGETING_TYPE_YOUTUBE_VIDEO` * `TARGETING_TYPE_YOUTUBE_CHANNEL` (required)
     Allowed values
       TARGETING_TYPE_UNSPECIFIED - Default value when type is not specified or is unknown in this version.
       TARGETING_TYPE_CHANNEL - Target a channel (a custom group of related websites or apps).
@@ -1207,7 +1207,7 @@ 
Method Details

 
 Args:
   advertiserId: string, Required. The ID of the advertiser. (required)
-  targetingType: string, Required. Identifies the type of assigned targeting options to list. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION` (required)
+  targetingType: string, Required. Identifies the type of assigned targeting options to list. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION` * `TARGETING_TYPE_YOUTUBE_VIDEO` * `TARGETING_TYPE_YOUTUBE_CHANNEL` (required)
     Allowed values
       TARGETING_TYPE_UNSPECIFIED - Default value when type is not specified or is unknown in this version.
       TARGETING_TYPE_CHANNEL - Target a channel (a custom group of related websites or apps).
diff --git a/docs/dyn/dlp_v2.organizations.deidentifyTemplates.html b/docs/dyn/dlp_v2.organizations.deidentifyTemplates.html
index 0522d40ed47..08258d14c77 100644
--- a/docs/dyn/dlp_v2.organizations.deidentifyTemplates.html
+++ b/docs/dyn/dlp_v2.organizations.deidentifyTemplates.html
@@ -114,6 +114,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # Required. The DeidentifyTemplate to create.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -938,6 +961,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -1784,6 +1830,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -2618,6 +2687,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
       "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
       "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+        "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+          "transforms": [
+            { # Configuration for determining how redaction of images should occur.
+              "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+              },
+              "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+              },
+              "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+                "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+                "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+                "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+              },
+              "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+                "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                  { # Type of information detected by the API.
+                    "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                    "version": "A String", # Optional version name for this InfoType.
+                  },
+                ],
+              },
+            },
+          ],
+        },
         "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
           "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
             { # A transformation to apply to text that is identified as a specific info_type.
@@ -3459,6 +3551,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # New DeidentifyTemplate value.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -4282,6 +4397,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
diff --git a/docs/dyn/dlp_v2.organizations.locations.deidentifyTemplates.html b/docs/dyn/dlp_v2.organizations.locations.deidentifyTemplates.html
index 904f0a85cc5..4f38003cfd7 100644
--- a/docs/dyn/dlp_v2.organizations.locations.deidentifyTemplates.html
+++ b/docs/dyn/dlp_v2.organizations.locations.deidentifyTemplates.html
@@ -114,6 +114,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # Required. The DeidentifyTemplate to create.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -938,6 +961,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -1784,6 +1830,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -2618,6 +2687,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
       "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
       "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+        "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+          "transforms": [
+            { # Configuration for determining how redaction of images should occur.
+              "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+              },
+              "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+              },
+              "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+                "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+                "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+                "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+              },
+              "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+                "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                  { # Type of information detected by the API.
+                    "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                    "version": "A String", # Optional version name for this InfoType.
+                  },
+                ],
+              },
+            },
+          ],
+        },
         "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
           "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
             { # A transformation to apply to text that is identified as a specific info_type.
@@ -3459,6 +3551,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # New DeidentifyTemplate value.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -4282,6 +4397,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
diff --git a/docs/dyn/dlp_v2.organizations.locations.dlpJobs.html b/docs/dyn/dlp_v2.organizations.locations.dlpJobs.html
index a13f86587f1..2e229b865df 100644
--- a/docs/dyn/dlp_v2.organizations.locations.dlpJobs.html
+++ b/docs/dyn/dlp_v2.organizations.locations.dlpJobs.html
@@ -139,8 +139,8 @@ 
Method Details

           "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
             "actions": [ # Actions to execute at the completion of the job.
               { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-                "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-                  "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+                "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+                  "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
                   "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                     "A String",
                   ],
@@ -157,7 +157,7 @@ 
Method Details

                     },
                   },
                 },
-                "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+                "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
                 },
                 "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
                   "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -833,8 +833,8 @@ 
Method Details

           "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
             "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
               { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-                "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-                  "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+                "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+                  "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
                   "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                     "A String",
                   ],
@@ -851,7 +851,7 @@ 
Method Details

                     },
                   },
                 },
-                "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+                "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
                 },
                 "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
                   "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
diff --git a/docs/dyn/dlp_v2.organizations.locations.jobTriggers.html b/docs/dyn/dlp_v2.organizations.locations.jobTriggers.html
index 5c7aaa3b59d..e0dc3fb626f 100644
--- a/docs/dyn/dlp_v2.organizations.locations.jobTriggers.html
+++ b/docs/dyn/dlp_v2.organizations.locations.jobTriggers.html
@@ -134,8 +134,8 @@ 
Method Details

     "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
       "actions": [ # Actions to execute at the completion of the job.
         { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-          "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-            "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+          "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+            "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
             "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
               "A String",
             ],
@@ -152,7 +152,7 @@ 
Method Details

               },
             },
           },
-          "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+          "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
           },
           "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
             "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -443,8 +443,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -461,7 +461,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -774,8 +774,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -792,7 +792,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1099,8 +1099,8 @@ 
Method Details

       "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -1117,7 +1117,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1425,8 +1425,8 @@ 
Method Details

     "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
       "actions": [ # Actions to execute at the completion of the job.
         { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-          "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-            "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+          "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+            "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
             "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
               "A String",
             ],
@@ -1443,7 +1443,7 @@ 
Method Details

               },
             },
           },
-          "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+          "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
           },
           "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
             "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1733,8 +1733,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -1751,7 +1751,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
diff --git a/docs/dyn/dlp_v2.organizations.locations.storedInfoTypes.html b/docs/dyn/dlp_v2.organizations.locations.storedInfoTypes.html
index 2607de490e0..fac0e6c4824 100644
--- a/docs/dyn/dlp_v2.organizations.locations.storedInfoTypes.html
+++ b/docs/dyn/dlp_v2.organizations.locations.storedInfoTypes.html
@@ -464,7 +464,7 @@ 
Method Details

   
Lists stored infoTypes. See https://cloud.google.com/dlp/docs/creating-stored-infotypes to learn more.
 
 Args:
-  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
+  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
   locationId: string, Deprecated. This field has no effect.
   orderBy: string, Comma separated list of fields to order by, followed by `asc` or `desc` postfix. This list is case-insensitive, default sorting order is ascending, redundant space characters are insignificant. Example: `name asc, display_name, create_time desc` Supported fields are: - `create_time`: corresponds to the time the most recent version of the resource was created. - `state`: corresponds to the state of the resource. - `name`: corresponds to resource name. - `display_name`: corresponds to info type's display name.
   pageSize: integer, Size of the page, can be limited by the server. If zero server returns a page of max size 100.
diff --git a/docs/dyn/dlp_v2.organizations.storedInfoTypes.html b/docs/dyn/dlp_v2.organizations.storedInfoTypes.html
index ce667bb2079..b3d30731395 100644
--- a/docs/dyn/dlp_v2.organizations.storedInfoTypes.html
+++ b/docs/dyn/dlp_v2.organizations.storedInfoTypes.html
@@ -464,7 +464,7 @@ 
Method Details

   
Lists stored infoTypes. See https://cloud.google.com/dlp/docs/creating-stored-infotypes to learn more.
 
 Args:
-  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
+  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
   locationId: string, Deprecated. This field has no effect.
   orderBy: string, Comma separated list of fields to order by, followed by `asc` or `desc` postfix. This list is case-insensitive, default sorting order is ascending, redundant space characters are insignificant. Example: `name asc, display_name, create_time desc` Supported fields are: - `create_time`: corresponds to the time the most recent version of the resource was created. - `state`: corresponds to the state of the resource. - `name`: corresponds to resource name. - `display_name`: corresponds to info type's display name.
   pageSize: integer, Size of the page, can be limited by the server. If zero server returns a page of max size 100.
diff --git a/docs/dyn/dlp_v2.projects.content.html b/docs/dyn/dlp_v2.projects.content.html
index 85f0b01c97f..b6ba276b9ca 100644
--- a/docs/dyn/dlp_v2.projects.content.html
+++ b/docs/dyn/dlp_v2.projects.content.html
@@ -103,6 +103,29 @@ 
Method Details

 
 { # Request to de-identify a ContentItem.
   "deidentifyConfig": { # The configuration that controls how the data will change. # Configuration for the de-identification of the content item. Items specified here will override the template referenced by the deidentify_template_name argument.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -2453,6 +2476,29 @@ 
Method Details

   },
   "locationId": "A String", # Deprecated. This field has no effect.
   "reidentifyConfig": { # The configuration that controls how the data will change. # Configuration for the re-identification of the content item. This field shares the same proto message type that is used for de-identification, however its usage here is for the reversal of the previous de-identification. Re-identification is performed by examining the transformations used to de-identify the items and executing the reverse. This requires that only reversible transformations be provided here. The reversible transformations are: - `CryptoDeterministicConfig` - `CryptoReplaceFfxFpeConfig`
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
diff --git a/docs/dyn/dlp_v2.projects.deidentifyTemplates.html b/docs/dyn/dlp_v2.projects.deidentifyTemplates.html
index bd716549265..c509b40abbc 100644
--- a/docs/dyn/dlp_v2.projects.deidentifyTemplates.html
+++ b/docs/dyn/dlp_v2.projects.deidentifyTemplates.html
@@ -114,6 +114,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # Required. The DeidentifyTemplate to create.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -938,6 +961,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -1784,6 +1830,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -2618,6 +2687,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
       "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
       "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+        "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+          "transforms": [
+            { # Configuration for determining how redaction of images should occur.
+              "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+              },
+              "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+              },
+              "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+                "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+                "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+                "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+              },
+              "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+                "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                  { # Type of information detected by the API.
+                    "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                    "version": "A String", # Optional version name for this InfoType.
+                  },
+                ],
+              },
+            },
+          ],
+        },
         "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
           "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
             { # A transformation to apply to text that is identified as a specific info_type.
@@ -3459,6 +3551,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # New DeidentifyTemplate value.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -4282,6 +4397,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
diff --git a/docs/dyn/dlp_v2.projects.dlpJobs.html b/docs/dyn/dlp_v2.projects.dlpJobs.html
index 4ec7793760f..e8822ad249c 100644
--- a/docs/dyn/dlp_v2.projects.dlpJobs.html
+++ b/docs/dyn/dlp_v2.projects.dlpJobs.html
@@ -138,8 +138,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # An inspection job scans a storage repository for InfoTypes.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -156,7 +156,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -403,8 +403,8 @@ 
Method Details

   "riskJob": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # A risk analysis job calculates re-identification risk metrics for a BigQuery table.
     "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -421,7 +421,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -592,8 +592,8 @@ 
Method Details

       "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -610,7 +610,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1286,8 +1286,8 @@ 
Method Details

       "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
         "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -1304,7 +1304,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1618,8 +1618,8 @@ 
Method Details

       "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -1636,7 +1636,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2312,8 +2312,8 @@ 
Method Details

       "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
         "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -2330,7 +2330,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2638,8 +2638,8 @@ 
Method Details

           "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
             "actions": [ # Actions to execute at the completion of the job.
               { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-                "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-                  "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+                "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+                  "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
                   "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                     "A String",
                   ],
@@ -2656,7 +2656,7 @@ 
Method Details

                     },
                   },
                 },
-                "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+                "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
                 },
                 "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
                   "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -3332,8 +3332,8 @@ 
Method Details

           "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
             "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
               { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-                "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-                  "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+                "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+                  "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
                   "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                     "A String",
                   ],
@@ -3350,7 +3350,7 @@ 
Method Details

                     },
                   },
                 },
-                "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+                "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
                 },
                 "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
                   "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
diff --git a/docs/dyn/dlp_v2.projects.jobTriggers.html b/docs/dyn/dlp_v2.projects.jobTriggers.html
index 28de2766431..c124ace1dd0 100644
--- a/docs/dyn/dlp_v2.projects.jobTriggers.html
+++ b/docs/dyn/dlp_v2.projects.jobTriggers.html
@@ -143,8 +143,8 @@ 
Method Details

       "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -161,7 +161,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -837,8 +837,8 @@ 
Method Details

       "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
         "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -855,7 +855,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1151,8 +1151,8 @@ 
Method Details

     "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
       "actions": [ # Actions to execute at the completion of the job.
         { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-          "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-            "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+          "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+            "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
             "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
               "A String",
             ],
@@ -1169,7 +1169,7 @@ 
Method Details

               },
             },
           },
-          "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+          "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
           },
           "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
             "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1460,8 +1460,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -1478,7 +1478,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1791,8 +1791,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -1809,7 +1809,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2116,8 +2116,8 @@ 
Method Details

       "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -2134,7 +2134,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2442,8 +2442,8 @@ 
Method Details

     "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
       "actions": [ # Actions to execute at the completion of the job.
         { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-          "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-            "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+          "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+            "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
             "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
               "A String",
             ],
@@ -2460,7 +2460,7 @@ 
Method Details

               },
             },
           },
-          "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+          "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
           },
           "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
             "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2750,8 +2750,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -2768,7 +2768,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
diff --git a/docs/dyn/dlp_v2.projects.locations.content.html b/docs/dyn/dlp_v2.projects.locations.content.html
index c558e11914a..01318b80c85 100644
--- a/docs/dyn/dlp_v2.projects.locations.content.html
+++ b/docs/dyn/dlp_v2.projects.locations.content.html
@@ -103,6 +103,29 @@ 
Method Details

 
 { # Request to de-identify a ContentItem.
   "deidentifyConfig": { # The configuration that controls how the data will change. # Configuration for the de-identification of the content item. Items specified here will override the template referenced by the deidentify_template_name argument.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -2453,6 +2476,29 @@ 
Method Details

   },
   "locationId": "A String", # Deprecated. This field has no effect.
   "reidentifyConfig": { # The configuration that controls how the data will change. # Configuration for the re-identification of the content item. This field shares the same proto message type that is used for de-identification, however its usage here is for the reversal of the previous de-identification. Re-identification is performed by examining the transformations used to de-identify the items and executing the reverse. This requires that only reversible transformations be provided here. The reversible transformations are: - `CryptoDeterministicConfig` - `CryptoReplaceFfxFpeConfig`
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
diff --git a/docs/dyn/dlp_v2.projects.locations.deidentifyTemplates.html b/docs/dyn/dlp_v2.projects.locations.deidentifyTemplates.html
index 4d12368da8d..4d0255a5cbf 100644
--- a/docs/dyn/dlp_v2.projects.locations.deidentifyTemplates.html
+++ b/docs/dyn/dlp_v2.projects.locations.deidentifyTemplates.html
@@ -114,6 +114,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # Required. The DeidentifyTemplate to create.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -938,6 +961,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -1784,6 +1830,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
@@ -2618,6 +2687,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
       "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
       "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+        "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+          "transforms": [
+            { # Configuration for determining how redaction of images should occur.
+              "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+              },
+              "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+              },
+              "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+                "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+                "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+                "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+              },
+              "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+                "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                  { # Type of information detected by the API.
+                    "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                    "version": "A String", # Optional version name for this InfoType.
+                  },
+                ],
+              },
+            },
+          ],
+        },
         "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
           "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
             { # A transformation to apply to text that is identified as a specific info_type.
@@ -3459,6 +3551,29 @@ 
Method Details

   "deidentifyTemplate": { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more. # New DeidentifyTemplate value.
     "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
     "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+      "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+        "transforms": [
+          { # Configuration for determining how redaction of images should occur.
+            "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+            },
+            "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+            },
+            "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+              "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+              "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+              "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+            },
+            "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+              "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+                { # Type of information detected by the API.
+                  "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                  "version": "A String", # Optional version name for this InfoType.
+                },
+              ],
+            },
+          },
+        ],
+      },
       "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
         "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
           { # A transformation to apply to text that is identified as a specific info_type.
@@ -4282,6 +4397,29 @@ 
Method Details

     { # DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
   "createTime": "A String", # Output only. The creation timestamp of an inspectTemplate.
   "deidentifyConfig": { # The configuration that controls how the data will change. # The core content of the template.
+    "imageTransformations": { # A type of transformation that is applied over images. # Treat the dataset as an image and redact.
+      "transforms": [
+        { # Configuration for determining how redaction of images should occur.
+          "allInfoTypes": { # Apply transformation to all findings. # Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message.
+          },
+          "allText": { # Apply to all text. # Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message.
+          },
+          "redactionColor": { # Represents a color in the RGB color space. # The color to use when redacting content from an image. If not specified, the default is black.
+            "blue": 3.14, # The amount of blue in the color as a value in the interval [0, 1].
+            "green": 3.14, # The amount of green in the color as a value in the interval [0, 1].
+            "red": 3.14, # The amount of red in the color as a value in the interval [0, 1].
+          },
+          "selectedInfoTypes": { # Apply transformation to the selected info_types. # Apply transformation to the selected info_types.
+            "infoTypes": [ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.
+              { # Type of information detected by the API.
+                "name": "A String", # Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$-_]{1,64}`.
+                "version": "A String", # Optional version name for this InfoType.
+              },
+            ],
+          },
+        },
+      ],
+    },
     "infoTypeTransformations": { # A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type. # Treat the dataset as free-form text and apply the same free text transformation everywhere.
       "transformations": [ # Required. Transformation for each infoType. Cannot specify more than one for a given infoType.
         { # A transformation to apply to text that is identified as a specific info_type.
diff --git a/docs/dyn/dlp_v2.projects.locations.dlpJobs.html b/docs/dyn/dlp_v2.projects.locations.dlpJobs.html
index ef5ebef2841..6e65350ef3b 100644
--- a/docs/dyn/dlp_v2.projects.locations.dlpJobs.html
+++ b/docs/dyn/dlp_v2.projects.locations.dlpJobs.html
@@ -144,8 +144,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # An inspection job scans a storage repository for InfoTypes.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -162,7 +162,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -409,8 +409,8 @@ 
Method Details

   "riskJob": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # A risk analysis job calculates re-identification risk metrics for a BigQuery table.
     "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -427,7 +427,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -598,8 +598,8 @@ 
Method Details

       "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -616,7 +616,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1292,8 +1292,8 @@ 
Method Details

       "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
         "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -1310,7 +1310,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1648,8 +1648,8 @@ 
Method Details

       "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -1666,7 +1666,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2342,8 +2342,8 @@ 
Method Details

       "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
         "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -2360,7 +2360,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2756,8 +2756,8 @@ 
Method Details

           "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
             "actions": [ # Actions to execute at the completion of the job.
               { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-                "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-                  "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+                "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+                  "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
                   "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                     "A String",
                   ],
@@ -2774,7 +2774,7 @@ 
Method Details

                     },
                   },
                 },
-                "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+                "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
                 },
                 "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
                   "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -3450,8 +3450,8 @@ 
Method Details

           "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
             "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
               { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-                "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-                  "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+                "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+                  "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
                   "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                     "A String",
                   ],
@@ -3468,7 +3468,7 @@ 
Method Details

                     },
                   },
                 },
-                "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+                "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
                 },
                 "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
                   "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
diff --git a/docs/dyn/dlp_v2.projects.locations.jobTriggers.html b/docs/dyn/dlp_v2.projects.locations.jobTriggers.html
index 257666caa5b..aa78d27dc69 100644
--- a/docs/dyn/dlp_v2.projects.locations.jobTriggers.html
+++ b/docs/dyn/dlp_v2.projects.locations.jobTriggers.html
@@ -146,8 +146,8 @@ 
Method Details

       "jobConfig": { # Controls what and how to inspect for findings. # Inspect config.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -164,7 +164,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -840,8 +840,8 @@ 
Method Details

       "jobConfig": { # Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more. # The job config for the risk job.
         "actions": [ # Actions to execute at the completion of the job. Are executed in the order provided.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -858,7 +858,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1154,8 +1154,8 @@ 
Method Details

     "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
       "actions": [ # Actions to execute at the completion of the job.
         { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-          "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-            "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+          "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+            "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
             "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
               "A String",
             ],
@@ -1172,7 +1172,7 @@ 
Method Details

               },
             },
           },
-          "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+          "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
           },
           "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
             "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1463,8 +1463,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -1481,7 +1481,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -1794,8 +1794,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -1812,7 +1812,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2207,8 +2207,8 @@ 
Method Details

       "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
         "actions": [ # Actions to execute at the completion of the job.
           { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-            "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-              "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+            "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+              "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
               "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
                 "A String",
               ],
@@ -2225,7 +2225,7 @@ 
Method Details

                 },
               },
             },
-            "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+            "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
             },
             "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
               "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2533,8 +2533,8 @@ 
Method Details

     "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
       "actions": [ # Actions to execute at the completion of the job.
         { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-          "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-            "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+          "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+            "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
             "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
               "A String",
             ],
@@ -2551,7 +2551,7 @@ 
Method Details

               },
             },
           },
-          "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+          "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
           },
           "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
             "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
@@ -2841,8 +2841,8 @@ 
Method Details

   "inspectJob": { # Controls what and how to inspect for findings. # For inspect jobs, a snapshot of the configuration.
     "actions": [ # Actions to execute at the completion of the job.
       { # A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
-        "deidentify": { # Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data.
-          "cloudStorageOutput": "A String", # Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
+        "deidentify": { # Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect # Create a de-identified copy of the input data.
+          "cloudStorageOutput": "A String", # Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket
           "fileTypesToTransform": [ # List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV.
             "A String",
           ],
@@ -2859,7 +2859,7 @@ 
Method Details

             },
           },
         },
-        "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's completion/failure. # Enable email notification for project owners and editors on job's completion/failure.
+        "jobNotificationEmails": { # Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). # Enable email notification for project owners and editors on job's completion/failure.
         },
         "pubSub": { # Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk # Publish a notification to a pubsub topic.
           "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}.
diff --git a/docs/dyn/dlp_v2.projects.locations.storedInfoTypes.html b/docs/dyn/dlp_v2.projects.locations.storedInfoTypes.html
index b038a1e104d..4baa9940048 100644
--- a/docs/dyn/dlp_v2.projects.locations.storedInfoTypes.html
+++ b/docs/dyn/dlp_v2.projects.locations.storedInfoTypes.html
@@ -464,7 +464,7 @@ 
Method Details

   
Lists stored infoTypes. See https://cloud.google.com/dlp/docs/creating-stored-infotypes to learn more.
 
 Args:
-  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
+  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
   locationId: string, Deprecated. This field has no effect.
   orderBy: string, Comma separated list of fields to order by, followed by `asc` or `desc` postfix. This list is case-insensitive, default sorting order is ascending, redundant space characters are insignificant. Example: `name asc, display_name, create_time desc` Supported fields are: - `create_time`: corresponds to the time the most recent version of the resource was created. - `state`: corresponds to the state of the resource. - `name`: corresponds to resource name. - `display_name`: corresponds to info type's display name.
   pageSize: integer, Size of the page, can be limited by the server. If zero server returns a page of max size 100.
diff --git a/docs/dyn/dlp_v2.projects.storedInfoTypes.html b/docs/dyn/dlp_v2.projects.storedInfoTypes.html
index 75507d18453..3a3bd86b39a 100644
--- a/docs/dyn/dlp_v2.projects.storedInfoTypes.html
+++ b/docs/dyn/dlp_v2.projects.storedInfoTypes.html
@@ -464,7 +464,7 @@ 
Method Details

   
Lists stored infoTypes. See https://cloud.google.com/dlp/docs/creating-stored-infotypes to learn more.
 
 Args:
-  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
+  parent: string, Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3 (required)
   locationId: string, Deprecated. This field has no effect.
   orderBy: string, Comma separated list of fields to order by, followed by `asc` or `desc` postfix. This list is case-insensitive, default sorting order is ascending, redundant space characters are insignificant. Example: `name asc, display_name, create_time desc` Supported fields are: - `create_time`: corresponds to the time the most recent version of the resource was created. - `state`: corresponds to the state of the resource. - `name`: corresponds to resource name. - `display_name`: corresponds to info type's display name.
   pageSize: integer, Size of the page, can be limited by the server. If zero server returns a page of max size 100.
diff --git a/docs/dyn/documentai_v1.projects.locations.processors.html b/docs/dyn/documentai_v1.projects.locations.processors.html
index b985bb80b6e..5822f88a582 100644
--- a/docs/dyn/documentai_v1.projects.locations.processors.html
+++ b/docs/dyn/documentai_v1.projects.locations.processors.html
@@ -432,7 +432,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
@@ -1246,7 +1245,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/documentai_v1.projects.locations.processors.humanReviewConfig.html b/docs/dyn/documentai_v1.projects.locations.processors.humanReviewConfig.html
index 7ec0030c6eb..a2f22945115 100644
--- a/docs/dyn/documentai_v1.projects.locations.processors.humanReviewConfig.html
+++ b/docs/dyn/documentai_v1.projects.locations.processors.humanReviewConfig.html
@@ -110,7 +110,7 @@ 
Method Details

             "A String",
           ],
         },
-        "name": "A String", # Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters [a-z0-9_-]. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.
+        "name": "A String", # Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters `[a-z0-9_-]`. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.
         "properties": [ # Describing the nested structure, or composition of an entity.
           { # Defines properties that can be part of the entity type.
             "name": "A String", # The name of the property. Follows the same guidelines as the EntityType name.
@@ -136,7 +136,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html b/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html
index 271e5472d57..1ecac9f4723 100644
--- a/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html
+++ b/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html
@@ -341,7 +341,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
@@ -1155,7 +1154,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/documentai_v1beta2.projects.documents.html b/docs/dyn/documentai_v1beta2.projects.documents.html
index 5da0b06d364..29d41e75658 100644
--- a/docs/dyn/documentai_v1beta2.projects.documents.html
+++ b/docs/dyn/documentai_v1beta2.projects.documents.html
@@ -292,7 +292,6 @@ 
Method Details

       "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
       "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
       "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-      "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
       "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
         "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
           "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/documentai_v1beta2.projects.locations.documents.html b/docs/dyn/documentai_v1beta2.projects.locations.documents.html
index bba3ae87ece..9c7e10c6c60 100644
--- a/docs/dyn/documentai_v1beta2.projects.locations.documents.html
+++ b/docs/dyn/documentai_v1beta2.projects.locations.documents.html
@@ -292,7 +292,6 @@ 
Method Details

       "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
       "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
       "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-      "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
       "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
         "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
           "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/documentai_v1beta3.projects.locations.processors.html b/docs/dyn/documentai_v1beta3.projects.locations.processors.html
index cb1511c4e8e..04672f542a5 100644
--- a/docs/dyn/documentai_v1beta3.projects.locations.processors.html
+++ b/docs/dyn/documentai_v1beta3.projects.locations.processors.html
@@ -440,7 +440,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
@@ -1239,7 +1238,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
@@ -2053,7 +2051,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/documentai_v1beta3.projects.locations.processors.humanReviewConfig.html b/docs/dyn/documentai_v1beta3.projects.locations.processors.humanReviewConfig.html
index 4dc1a808a6c..2617b0fc18b 100644
--- a/docs/dyn/documentai_v1beta3.projects.locations.processors.humanReviewConfig.html
+++ b/docs/dyn/documentai_v1beta3.projects.locations.processors.humanReviewConfig.html
@@ -104,7 +104,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
@@ -908,7 +907,7 @@ 
Method Details

             "A String",
           ],
         },
-        "name": "A String", # Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters [a-z0-9_-]. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.
+        "name": "A String", # Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters `[a-z0-9_-]`. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.
         "properties": [ # Describing the nested structure, or composition of an entity.
           { # Defines properties that can be part of the entity type.
             "name": "A String", # The name of the property. Follows the same guidelines as the EntityType name.
@@ -934,7 +933,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html b/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html
index 71a98864fa0..586ded38bbf 100644
--- a/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html
+++ b/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html
@@ -349,7 +349,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
@@ -1148,7 +1147,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
@@ -1962,7 +1960,6 @@ 
Method Details

         "id": "A String", # Optional. Canonical id. This will be a unique value in the entity list for this document.
         "mentionId": "A String", # Optional. Deprecated. Use `id` field instead.
         "mentionText": "A String", # Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.
-        "nonPresent": True or False, # Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.
         "normalizedValue": { # Parsed and normalized entity value. # Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types.
           "addressValue": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto
             "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
diff --git a/docs/dyn/drive_v2.changes.html b/docs/dyn/drive_v2.changes.html
index e6008747c9b..68b5aacf9e7 100644
--- a/docs/dyn/drive_v2.changes.html
+++ b/docs/dyn/drive_v2.changes.html
@@ -469,6 +469,8 @@ 
Method Details

     "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
     "resourceKey": "A String", # A key needed to access the item via a shared link.
     "selfLink": "A String", # A link back to this file.
+    "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+    "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
     "shareable": True or False, # Deprecated: use capabilities/canShare.
     "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
     "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -1040,6 +1042,8 @@ 
Method Details

         "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
         "resourceKey": "A String", # A key needed to access the item via a shared link.
         "selfLink": "A String", # A link back to this file.
+        "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+        "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
         "shareable": True or False, # Deprecated: use capabilities/canShare.
         "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
         "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
diff --git a/docs/dyn/drive_v2.files.html b/docs/dyn/drive_v2.files.html
index 61fc17c1ac4..93d322f003c 100644
--- a/docs/dyn/drive_v2.files.html
+++ b/docs/dyn/drive_v2.files.html
@@ -464,6 +464,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -907,6 +909,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -1415,6 +1419,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -1872,6 +1878,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -2318,6 +2326,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -2778,6 +2788,8 @@ 
Method Details

       "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
       "resourceKey": "A String", # A key needed to access the item via a shared link.
       "selfLink": "A String", # A link back to this file.
+      "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+      "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
       "shareable": True or False, # Deprecated: use capabilities/canShare.
       "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
       "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -3401,6 +3413,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -3854,6 +3868,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -4293,6 +4309,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -4732,6 +4750,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -5171,6 +5191,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -5605,6 +5627,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
@@ -6060,6 +6084,8 @@ 
Method Details

   "quotaBytesUsed": "A String", # The number of quota bytes used by this file.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
   "selfLink": "A String", # A link back to this file.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shareable": True or False, # Deprecated: use capabilities/canShare.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeDate": "A String", # Time at which this file was shared with the user (formatted RFC 3339 timestamp).
diff --git a/docs/dyn/drive_v3.changes.html b/docs/dyn/drive_v3.changes.html
index 26a0e2cf4d2..5dc571664e2 100644
--- a/docs/dyn/drive_v3.changes.html
+++ b/docs/dyn/drive_v3.changes.html
@@ -447,6 +447,8 @@ 
Method Details

         },
         "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
         "resourceKey": "A String", # A key needed to access the item via a shared link.
+        "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+        "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
         "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
         "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
         "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
diff --git a/docs/dyn/drive_v3.files.html b/docs/dyn/drive_v3.files.html
index cafe0af0419..8772e69cbb2 100644
--- a/docs/dyn/drive_v3.files.html
+++ b/docs/dyn/drive_v3.files.html
@@ -404,6 +404,8 @@ 
Method Details

   },
   "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
   "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
@@ -724,6 +726,8 @@ 
Method Details

   },
   "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
   "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
@@ -1041,6 +1045,8 @@ 
Method Details

   },
   "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
   "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
@@ -1364,6 +1370,8 @@ 
Method Details

   },
   "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
   "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
@@ -1750,6 +1758,8 @@ 
Method Details

   },
   "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
   "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
@@ -2106,6 +2116,8 @@ 
Method Details

       },
       "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
       "resourceKey": "A String", # A key needed to access the item via a shared link.
+      "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+      "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
       "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
       "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
       "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
@@ -2608,6 +2620,8 @@ 
Method Details

   },
   "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
   "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
@@ -2932,6 +2946,8 @@ 
Method Details

   },
   "quotaBytesUsed": "A String", # The number of storage quota bytes used by the file. This includes the head revision as well as previous revisions with keepForever enabled.
   "resourceKey": "A String", # A key needed to access the item via a shared link.
+  "sha1Checksum": "A String", # The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
+  "sha256Checksum": "A String", # The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.
   "shared": True or False, # Whether the file has been shared. Not populated for items in shared drives.
   "sharedWithMeTime": "A String", # The time at which the file was shared with the user, if applicable (RFC 3339 date-time).
   "sharingUser": { # Information about a Drive user. # The user who shared the file with the requesting user, if applicable.
diff --git a/docs/dyn/eventarc_v1.projects.locations.channelConnections.html b/docs/dyn/eventarc_v1.projects.locations.channelConnections.html
index 9055d9bf5ec..3021eb4806b 100644
--- a/docs/dyn/eventarc_v1.projects.locations.channelConnections.html
+++ b/docs/dyn/eventarc_v1.projects.locations.channelConnections.html
@@ -251,7 +251,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -342,7 +342,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -384,7 +384,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/eventarc_v1.projects.locations.channels.html b/docs/dyn/eventarc_v1.projects.locations.channels.html
index f8a6ab8893f..763f07b9ce1 100644
--- a/docs/dyn/eventarc_v1.projects.locations.channels.html
+++ b/docs/dyn/eventarc_v1.projects.locations.channels.html
@@ -262,7 +262,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -409,7 +409,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -451,7 +451,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/eventarc_v1.projects.locations.triggers.html b/docs/dyn/eventarc_v1.projects.locations.triggers.html
index 83b0e2213b2..1f7b9e613a8 100644
--- a/docs/dyn/eventarc_v1.projects.locations.triggers.html
+++ b/docs/dyn/eventarc_v1.projects.locations.triggers.html
@@ -336,7 +336,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -557,7 +557,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -599,7 +599,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html b/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html
index c37e4b0cade..6407c1d08c7 100644
--- a/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html
+++ b/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html
@@ -300,7 +300,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -484,7 +484,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -526,7 +526,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/firebase_v1beta1.projects.androidApps.html b/docs/dyn/firebase_v1beta1.projects.androidApps.html
index 20cf4807283..19aae75af66 100644
--- a/docs/dyn/firebase_v1beta1.projects.androidApps.html
+++ b/docs/dyn/firebase_v1beta1.projects.androidApps.html
@@ -103,6 +103,9 @@ 
Instance Methods

 

   remove(name, body=None, x__xgafv=None)

 
Removes the specified AndroidApp from the project.

+

+  undelete(name, body=None, x__xgafv=None)

+
Restores the specified AndroidApp to the project.

 
Method Details

 

     close()
@@ -125,12 +128,6 @@ 
Method Details

   "name": "A String", # The resource name of the AndroidApp, in the format: projects/ PROJECT_IDENTIFIER/androidApps/APP_ID * PROJECT_IDENTIFIER: the parent Project's [`ProjectNumber`](../projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its [`ProjectId`](../projects#FirebaseProject.FIELDS.project_id). Learn more about using project identifiers in Google's [AIP 2510 standard](https://google.aip.dev/cloud/2510). Note that the value for PROJECT_IDENTIFIER in any response body will be the `ProjectId`. * APP_ID: the globally unique, Firebase-assigned identifier for the App (see [`appId`](../projects.androidApps#AndroidApp.FIELDS.app_id)).
   "packageName": "A String", # Immutable. The canonical package name of the Android app as would appear in the Google Play Developer Console.
   "projectId": "A String", # Output only. Immutable. A user-assigned unique identifier of the parent FirebaseProject for the `AndroidApp`.
-  "sha1Hashes": [ # The SHA1 certificate hashes for the AndroidApp.
-    "A String",
-  ],
-  "sha256Hashes": [ # The SHA256 certificate hashes for the AndroidApp.
-    "A String",
-  ],
   "state": "A String", # Output only. The lifecycle state of the App.
 }
 
@@ -184,12 +181,6 @@ 
Method Details

   "name": "A String", # The resource name of the AndroidApp, in the format: projects/ PROJECT_IDENTIFIER/androidApps/APP_ID * PROJECT_IDENTIFIER: the parent Project's [`ProjectNumber`](../projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its [`ProjectId`](../projects#FirebaseProject.FIELDS.project_id). Learn more about using project identifiers in Google's [AIP 2510 standard](https://google.aip.dev/cloud/2510). Note that the value for PROJECT_IDENTIFIER in any response body will be the `ProjectId`. * APP_ID: the globally unique, Firebase-assigned identifier for the App (see [`appId`](../projects.androidApps#AndroidApp.FIELDS.app_id)).
   "packageName": "A String", # Immutable. The canonical package name of the Android app as would appear in the Google Play Developer Console.
   "projectId": "A String", # Output only. Immutable. A user-assigned unique identifier of the parent FirebaseProject for the `AndroidApp`.
-  "sha1Hashes": [ # The SHA1 certificate hashes for the AndroidApp.
-    "A String",
-  ],
-  "sha256Hashes": [ # The SHA256 certificate hashes for the AndroidApp.
-    "A String",
-  ],
   "state": "A String", # Output only. The lifecycle state of the App.
 }

 

@@ -240,12 +231,6 @@ 
Method Details

       "name": "A String", # The resource name of the AndroidApp, in the format: projects/ PROJECT_IDENTIFIER/androidApps/APP_ID * PROJECT_IDENTIFIER: the parent Project's [`ProjectNumber`](../projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its [`ProjectId`](../projects#FirebaseProject.FIELDS.project_id). Learn more about using project identifiers in Google's [AIP 2510 standard](https://google.aip.dev/cloud/2510). Note that the value for PROJECT_IDENTIFIER in any response body will be the `ProjectId`. * APP_ID: the globally unique, Firebase-assigned identifier for the App (see [`appId`](../projects.androidApps#AndroidApp.FIELDS.app_id)).
       "packageName": "A String", # Immutable. The canonical package name of the Android app as would appear in the Google Play Developer Console.
       "projectId": "A String", # Output only. Immutable. A user-assigned unique identifier of the parent FirebaseProject for the `AndroidApp`.
-      "sha1Hashes": [ # The SHA1 certificate hashes for the AndroidApp.
-        "A String",
-      ],
-      "sha256Hashes": [ # The SHA256 certificate hashes for the AndroidApp.
-        "A String",
-      ],
       "state": "A String", # Output only. The lifecycle state of the App.
     },
   ],
@@ -283,12 +268,6 @@ 
Method Details

   "name": "A String", # The resource name of the AndroidApp, in the format: projects/ PROJECT_IDENTIFIER/androidApps/APP_ID * PROJECT_IDENTIFIER: the parent Project's [`ProjectNumber`](../projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its [`ProjectId`](../projects#FirebaseProject.FIELDS.project_id). Learn more about using project identifiers in Google's [AIP 2510 standard](https://google.aip.dev/cloud/2510). Note that the value for PROJECT_IDENTIFIER in any response body will be the `ProjectId`. * APP_ID: the globally unique, Firebase-assigned identifier for the App (see [`appId`](../projects.androidApps#AndroidApp.FIELDS.app_id)).
   "packageName": "A String", # Immutable. The canonical package name of the Android app as would appear in the Google Play Developer Console.
   "projectId": "A String", # Output only. Immutable. A user-assigned unique identifier of the parent FirebaseProject for the `AndroidApp`.
-  "sha1Hashes": [ # The SHA1 certificate hashes for the AndroidApp.
-    "A String",
-  ],
-  "sha256Hashes": [ # The SHA256 certificate hashes for the AndroidApp.
-    "A String",
-  ],
   "state": "A String", # Output only. The lifecycle state of the App.
 }
 
@@ -308,12 +287,6 @@ 
Method Details

   "name": "A String", # The resource name of the AndroidApp, in the format: projects/ PROJECT_IDENTIFIER/androidApps/APP_ID * PROJECT_IDENTIFIER: the parent Project's [`ProjectNumber`](../projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its [`ProjectId`](../projects#FirebaseProject.FIELDS.project_id). Learn more about using project identifiers in Google's [AIP 2510 standard](https://google.aip.dev/cloud/2510). Note that the value for PROJECT_IDENTIFIER in any response body will be the `ProjectId`. * APP_ID: the globally unique, Firebase-assigned identifier for the App (see [`appId`](../projects.androidApps#AndroidApp.FIELDS.app_id)).
   "packageName": "A String", # Immutable. The canonical package name of the Android app as would appear in the Google Play Developer Console.
   "projectId": "A String", # Output only. Immutable. A user-assigned unique identifier of the parent FirebaseProject for the `AndroidApp`.
-  "sha1Hashes": [ # The SHA1 certificate hashes for the AndroidApp.
-    "A String",
-  ],
-  "sha256Hashes": [ # The SHA256 certificate hashes for the AndroidApp.
-    "A String",
-  ],
   "state": "A String", # Output only. The lifecycle state of the App.
 }

 

@@ -362,4 +335,47 @@ 
Method Details

 }

 

 
+

+    undelete(name, body=None, x__xgafv=None)
+  
Restores the specified AndroidApp to the project.
+
+Args:
+  name: string, Required. The resource name of the AndroidApp, in the format: projects/ PROJECT_IDENTIFIER/androidApps/APP_ID Since an APP_ID is a unique identifier, the Unique Resource from Sub-Collection access pattern may be used here, in the format: projects/-/androidApps/APP_ID Refer to the AndroidApp [name](../projects.androidApps#AndroidApp.FIELDS.name) field for details about PROJECT_IDENTIFIER and APP_ID values. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{
+  "etag": "A String", # Checksum provided in the AndroidApp entity, which if provided ensures the client has an up-to-date value before proceeding.
+  "validateOnly": True or False, # If set to true, only validate the request and do not undelete the app.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}

+

+
 
\ No newline at end of file
diff --git a/docs/dyn/firebase_v1beta1.projects.html b/docs/dyn/firebase_v1beta1.projects.html
index d34f3b47a5f..6a1d5e1b848 100644
--- a/docs/dyn/firebase_v1beta1.projects.html
+++ b/docs/dyn/firebase_v1beta1.projects.html
@@ -118,7 +118,7 @@ 
Instance Methods

   getAnalyticsDetails(name, x__xgafv=None)

 
Gets the Google Analytics details currently associated with the specified FirebaseProject. If the `FirebaseProject` is not yet linked to Google Analytics, then the response to `GetAnalyticsDetails` is `NOT_FOUND`.

 

-  list(pageSize=None, pageToken=None, x__xgafv=None)

+  list(pageSize=None, pageToken=None, showDeleted=None, x__xgafv=None)

 
Lists each FirebaseProject accessible to the caller. The elements are returned in no particular order, but they will be a consistent view of the Projects when additional requests are made with a `pageToken`. This method is eventually consistent with Project mutations, which means newly provisioned Projects and recent modifications to existing Projects might not be reflected in the set of Projects. The list will include only ACTIVE Projects. Use GetFirebaseProject for consistent reads as well as for additional Project details.

 

   list_next()

@@ -312,12 +312,13 @@ 
Method Details

 
 
 

-    list(pageSize=None, pageToken=None, x__xgafv=None)
+    list(pageSize=None, pageToken=None, showDeleted=None, x__xgafv=None)
   
Lists each FirebaseProject accessible to the caller. The elements are returned in no particular order, but they will be a consistent view of the Projects when additional requests are made with a `pageToken`. This method is eventually consistent with Project mutations, which means newly provisioned Projects and recent modifications to existing Projects might not be reflected in the set of Projects. The list will include only ACTIVE Projects. Use GetFirebaseProject for consistent reads as well as for additional Project details.
 
 Args:
   pageSize: integer, The maximum number of Projects to return in the response. The server may return fewer than this at its discretion. If no value is specified (or too large a value is specified), the server will impose its own limit. This value cannot be negative.
   pageToken: string, Token returned from a previous call to `ListFirebaseProjects` indicating where in the set of Projects to resume listing.
+  showDeleted: boolean, Optional. Controls whether Projects in the DELETING state should be returned. Defaults to false.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
diff --git a/docs/dyn/firebase_v1beta1.projects.iosApps.html b/docs/dyn/firebase_v1beta1.projects.iosApps.html
index 312ffb7dbff..eb75c36b9ff 100644
--- a/docs/dyn/firebase_v1beta1.projects.iosApps.html
+++ b/docs/dyn/firebase_v1beta1.projects.iosApps.html
@@ -98,6 +98,9 @@ 
Instance Methods

 

   remove(name, body=None, x__xgafv=None)

 
Removes the specified IosApp from the project.

+

+  undelete(name, body=None, x__xgafv=None)

+
Restores the specified IosApp to the project.

 
Method Details

 

     close()
@@ -337,4 +340,47 @@ 
Method Details

 }

 

 
+

+    undelete(name, body=None, x__xgafv=None)
+  
Restores the specified IosApp to the project.
+
+Args:
+  name: string, Required. The resource name of the IosApp, in the format: projects/ PROJECT_IDENTIFIER/iosApps/APP_ID Since an APP_ID is a unique identifier, the Unique Resource from Sub-Collection access pattern may be used here, in the format: projects/-/iosApps/APP_ID Refer to the IosApp [name](../projects.iosApps#IosApp.FIELDS.name) field for details about PROJECT_IDENTIFIER and APP_ID values. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{
+  "etag": "A String", # Checksum provided in the IosApp entity, which if provided ensures the client has an up-to-date value before proceeding.
+  "validateOnly": True or False, # If set to true, only validate the request and do not undelete the app.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}

+

+
 
\ No newline at end of file
diff --git a/docs/dyn/firebase_v1beta1.projects.webApps.html b/docs/dyn/firebase_v1beta1.projects.webApps.html
index 2a7a10442bc..ab9649a4f03 100644
--- a/docs/dyn/firebase_v1beta1.projects.webApps.html
+++ b/docs/dyn/firebase_v1beta1.projects.webApps.html
@@ -98,6 +98,9 @@ 
Instance Methods

 

   remove(name, body=None, x__xgafv=None)

 
Removes the specified WebApp from the project.

+

+  undelete(name, body=None, x__xgafv=None)

+
Restores the specified WebApp to the project.

 
Method Details

 

     close()
@@ -349,4 +352,47 @@ 
Method Details

 }

 
 
+

+    undelete(name, body=None, x__xgafv=None)
+  
Restores the specified WebApp to the project.
+
+Args:
+  name: string, Required. The resource name of the WebApp, in the format: projects/ PROJECT_IDENTIFIER/webApps/APP_ID Since an APP_ID is a unique identifier, the Unique Resource from Sub-Collection access pattern may be used here, in the format: projects/-/webApps/APP_ID Refer to the WebApp [name](../projects.webApps#WebApp.FIELDS.name) field for details about PROJECT_IDENTIFIER and APP_ID values. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{
+  "etag": "A String", # Checksum provided in the WebApp entity, which if provided ensures the client has an up-to-date value before proceeding.
+  "validateOnly": True or False, # If set to true, only validate the request and do not undelete the app.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}

+

+
 
\ No newline at end of file
diff --git a/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.html b/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.html
index 01af3bad223..df615836521 100644
--- a/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.html
+++ b/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.html
@@ -349,7 +349,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -575,7 +575,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -617,7 +617,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.volumeBackups.html b/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.volumeBackups.html
index 2abaf3329bf..cfec5521498 100644
--- a/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.volumeBackups.html
+++ b/docs/dyn/gkebackup_v1.projects.locations.backupPlans.backups.volumeBackups.html
@@ -172,7 +172,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -272,7 +272,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -314,7 +314,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/gkebackup_v1.projects.locations.backupPlans.html b/docs/dyn/gkebackup_v1.projects.locations.backupPlans.html
index 276dbf31552..f27d09d756f 100644
--- a/docs/dyn/gkebackup_v1.projects.locations.backupPlans.html
+++ b/docs/dyn/gkebackup_v1.projects.locations.backupPlans.html
@@ -332,7 +332,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -545,7 +545,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -587,7 +587,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/gkebackup_v1.projects.locations.restorePlans.html b/docs/dyn/gkebackup_v1.projects.locations.restorePlans.html
index 8a9d694d0f6..37a2f455b53 100644
--- a/docs/dyn/gkebackup_v1.projects.locations.restorePlans.html
+++ b/docs/dyn/gkebackup_v1.projects.locations.restorePlans.html
@@ -357,7 +357,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -594,7 +594,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -636,7 +636,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.html b/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.html
index fd783bba19e..355cd326549 100644
--- a/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.html
+++ b/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.html
@@ -371,7 +371,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -622,7 +622,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -664,7 +664,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.volumeRestores.html b/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.volumeRestores.html
index c3d64fc08c0..8234c0bac68 100644
--- a/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.volumeRestores.html
+++ b/docs/dyn/gkebackup_v1.projects.locations.restorePlans.restores.volumeRestores.html
@@ -171,7 +171,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -270,7 +270,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -312,7 +312,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/gkehub_v1alpha.projects.locations.features.html b/docs/dyn/gkehub_v1alpha.projects.locations.features.html
index 82b7c975e27..9d2768d4998 100644
--- a/docs/dyn/gkehub_v1alpha.projects.locations.features.html
+++ b/docs/dyn/gkehub_v1alpha.projects.locations.features.html
@@ -199,16 +199,6 @@ 
Method Details

       "identityservice": { # **Anthos Identity Service**: Configuration for a single Membership. # Identity Service-specific spec.
         "authMethods": [ # A member may support multiple auth methods.
           { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-            "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-              "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-              "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-              "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-              "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-              "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-            },
-            "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-              "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-            },
             "name": "A String", # Identifier for auth config.
             "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
               "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
@@ -423,16 +413,6 @@ 
Method Details

         "memberConfig": { # **Anthos Identity Service**: Configuration for a single Membership. # Last reconciled membership configuration
           "authMethods": [ # A member may support multiple auth methods.
             { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-              "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-                "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-                "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-                "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-                "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-                "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-              },
-              "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-                "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-              },
               "name": "A String", # Identifier for auth config.
               "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
                 "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
@@ -746,16 +726,6 @@ 
Method Details

       "identityservice": { # **Anthos Identity Service**: Configuration for a single Membership. # Identity Service-specific spec.
         "authMethods": [ # A member may support multiple auth methods.
           { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-            "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-              "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-              "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-              "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-              "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-              "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-            },
-            "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-              "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-            },
             "name": "A String", # Identifier for auth config.
             "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
               "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
@@ -970,16 +940,6 @@ 
Method Details

         "memberConfig": { # **Anthos Identity Service**: Configuration for a single Membership. # Last reconciled membership configuration
           "authMethods": [ # A member may support multiple auth methods.
             { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-              "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-                "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-                "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-                "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-                "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-                "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-              },
-              "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-                "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-              },
               "name": "A String", # Identifier for auth config.
               "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
                 "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
@@ -1281,16 +1241,6 @@ 
Method Details

           "identityservice": { # **Anthos Identity Service**: Configuration for a single Membership. # Identity Service-specific spec.
             "authMethods": [ # A member may support multiple auth methods.
               { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-                "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-                  "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-                  "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-                  "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-                  "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-                  "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-                },
-                "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-                  "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-                },
                 "name": "A String", # Identifier for auth config.
                 "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
                   "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
@@ -1505,16 +1455,6 @@ 
Method Details

             "memberConfig": { # **Anthos Identity Service**: Configuration for a single Membership. # Last reconciled membership configuration
               "authMethods": [ # A member may support multiple auth methods.
                 { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-                  "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-                    "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-                    "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-                    "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-                    "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-                    "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-                  },
-                  "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-                    "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-                  },
                   "name": "A String", # Identifier for auth config.
                   "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
                     "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
@@ -1772,16 +1712,6 @@ 
Method Details

       "identityservice": { # **Anthos Identity Service**: Configuration for a single Membership. # Identity Service-specific spec.
         "authMethods": [ # A member may support multiple auth methods.
           { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-            "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-              "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-              "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-              "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-              "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-              "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-            },
-            "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-              "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-            },
             "name": "A String", # Identifier for auth config.
             "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
               "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
@@ -1996,16 +1926,6 @@ 
Method Details

         "memberConfig": { # **Anthos Identity Service**: Configuration for a single Membership. # Last reconciled membership configuration
           "authMethods": [ # A member may support multiple auth methods.
             { # Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
-              "azureadConfig": { # Configuration for the AzureAD Auth flow. # AzureAD specific Configuration.
-                "clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
-                "clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
-                "encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
-                "kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
-                "tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
-              },
-              "googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration
-                "disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
-              },
               "name": "A String", # Identifier for auth config.
               "oidcConfig": { # Configuration for OIDC Auth flow. # OIDC specific configuration.
                 "certificateAuthorityData": "A String", # PEM-encoded CA for OIDC provider.
diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.consentStores.html b/docs/dyn/healthcare_v1.projects.locations.datasets.consentStores.html
index 54a4eaffe27..6ac767809fe 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.consentStores.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.consentStores.html
@@ -363,7 +363,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -539,7 +539,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -581,7 +581,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html b/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html
index 6d0ddbc78be..a68233bf5de 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html
@@ -403,7 +403,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -654,7 +654,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -696,7 +696,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.fhir.html b/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.fhir.html
index fb074d3b1e3..5d665e182a3 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.fhir.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.fhir.html
@@ -97,7 +97,7 @@ 
Instance Methods

 
Deletes a FHIR resource. Implements the FHIR standard delete interaction ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#delete), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#delete), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#delete)). Note: Unless resource versioning is disabled by setting the disable_resource_versioning flag on the FHIR store, the deleted resources will be moved to a history repository that can still be retrieved through vread and related methods, unless they are removed by the purge method. For samples that show how to call `delete`, see [Deleting a FHIR resource](/healthcare/docs/how-tos/fhir-resources#deleting_a_fhir_resource).

 

   executeBundle(parent, body=None, x__xgafv=None)

-
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction the response body will contain a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body will contain a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).

+
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction, the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method checks permissions for each request in the bundle. The `executeBundle` permission is required to call this method, but you must also grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a request to create a FHIR resource, the caller must also have been granted the `healthcare.fhirResources.create` permission. You can use audit logs to view the permissions for `executeBundle` and each request in the bundle. For more information, see [Viewing Cloud Audit logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).

 

   history(name, x__xgafv=None, x_at=None, x_count=None, x_page_token=None, x_since=None)

 
Lists all the versions of a resource (including the current version and deleted versions) from the FHIR store. Implements the per-resource form of the FHIR standard history interaction ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#history), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#history), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#history)). On success, the response body contains a JSON-encoded representation of a `Bundle` resource of type `history`, containing the version history sorted from most recent to oldest versions. Errors generated by the FHIR store contain a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. For samples that show how to call `history`, see [Listing FHIR resource versions](/healthcare/docs/how-tos/fhir-resources#listing_fhir_resource_versions).

@@ -305,7 +305,7 @@ 
Method Details

 
 

     executeBundle(parent, body=None, x__xgafv=None)
-  
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction the response body will contain a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body will contain a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).
+  
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction, the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method checks permissions for each request in the bundle. The `executeBundle` permission is required to call this method, but you must also grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a request to create a FHIR resource, the caller must also have been granted the `healthcare.fhirResources.create` permission. You can use audit logs to view the permissions for `executeBundle` and each request in the bundle. For more information, see [Viewing Cloud Audit logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).
 
 Args:
   parent: string, Name of the FHIR store in which this bundle will be executed. (required)
diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html b/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html
index 9011197ac9f..8ed5a1bdd18 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html
@@ -493,7 +493,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -760,7 +760,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -802,7 +802,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.hl7V2Stores.html b/docs/dyn/healthcare_v1.projects.locations.datasets.hl7V2Stores.html
index 461912442b9..0f6943c035f 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.hl7V2Stores.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.hl7V2Stores.html
@@ -489,7 +489,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -863,7 +863,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -905,7 +905,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.html b/docs/dyn/healthcare_v1.projects.locations.datasets.html
index d193b7dd963..dc1c48d45c1 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.html
@@ -352,7 +352,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -465,7 +465,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -507,7 +507,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.annotationStores.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.annotationStores.html
index bcbdd0bfbb8..766433f7cc2 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.annotationStores.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.annotationStores.html
@@ -351,7 +351,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -515,7 +515,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -557,7 +557,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.consentStores.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.consentStores.html
index de80edbb11e..e1ce5404dbf 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.consentStores.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.consentStores.html
@@ -363,7 +363,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -539,7 +539,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -581,7 +581,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html
index 4be6b217a16..1a708d46181 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html
@@ -453,7 +453,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -734,7 +734,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -776,7 +776,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.fhir.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.fhir.html
index dabd2f8adc3..95dfdcd0849 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.fhir.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.fhir.html
@@ -115,7 +115,7 @@ 
Instance Methods

 
Deletes a FHIR resource. Implements the FHIR standard delete interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#delete), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#delete), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#delete)). Note: Unless resource versioning is disabled by setting the disable_resource_versioning flag on the FHIR store, the deleted resources are moved to a history repository that can still be retrieved through vread and related methods, unless they are removed by the purge method. For samples that show how to call `delete`, see [Deleting a FHIR resource](/healthcare/docs/how-tos/fhir-resources#deleting_a_fhir_resource).

 

   executeBundle(parent, body=None, x__xgafv=None)

-
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method requires permission for executing the requests in the bundle. The `executeBundle` permission grants permission to execute the request in the bundle but you must grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a `create` request, you must have permission to execute the `create` request. Logging is available for the `executeBundle` permission. For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).

+
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction, the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method checks permissions for each request in the bundle. The `executeBundle` permission is required to call this method, but you must also grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a request to create a FHIR resource, the caller must also have been granted the `healthcare.fhirResources.create` permission. You can use audit logs to view the permissions for `executeBundle` and each request in the bundle. For more information, see [Viewing Cloud Audit logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).

 

   history(name, x__xgafv=None, x_at=None, x_count=None, x_page_token=None, x_since=None)

 
Lists all the versions of a resource (including the current version and deleted versions) from the FHIR store. Implements the per-resource form of the FHIR standard history interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#history), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#history), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#history)). On success, the response body contains a JSON-encoded representation of a `Bundle` resource of type `history`, containing the version history sorted from most recent to oldest versions. Errors generated by the FHIR store contain a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. For samples that show how to call `history`, see [Listing FHIR resource versions](/healthcare/docs/how-tos/fhir-resources#listing_fhir_resource_versions).

@@ -504,7 +504,7 @@ 
Method Details

 
 

     executeBundle(parent, body=None, x__xgafv=None)
-  
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method requires permission for executing the requests in the bundle. The `executeBundle` permission grants permission to execute the request in the bundle but you must grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a `create` request, you must have permission to execute the `create` request. Logging is available for the `executeBundle` permission. For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).
+  
Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction, the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method checks permissions for each request in the bundle. The `executeBundle` permission is required to call this method, but you must also grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a request to create a FHIR resource, the caller must also have been granted the `healthcare.fhirResources.create` permission. You can use audit logs to view the permissions for `executeBundle` and each request in the bundle. For more information, see [Viewing Cloud Audit logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).
 
 Args:
   parent: string, Name of the FHIR store in which this bundle will be executed. (required)
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html
index 4263c00a8ce..04725bc603d 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html
@@ -820,7 +820,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1348,7 +1348,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1390,7 +1390,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.hl7V2Stores.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.hl7V2Stores.html
index 73d0b68e287..f2469f3a144 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.hl7V2Stores.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.hl7V2Stores.html
@@ -501,7 +501,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -887,7 +887,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -929,7 +929,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
index 92c00d94dbf..ea360768698 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
@@ -374,7 +374,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -487,7 +487,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -529,7 +529,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/identitytoolkit_v1.accounts.html b/docs/dyn/identitytoolkit_v1.accounts.html
new file mode 100644
index 00000000000..26402ad0d3b
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v1.accounts.html
@@ -0,0 +1,931 @@
+
+
+
+
Identity Toolkit API . accounts

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  createAuthUri(body=None, x__xgafv=None)

+
If an email identifier is specified, checks and returns if any user account is registered with the email. If there is a registered account, fetches all providers associated with the account's email. If the provider ID of an Identity Provider (IdP) is specified, creates an authorization URI for the IdP. The user can be directed to this URI to sign in with the IdP. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  delete(body=None, x__xgafv=None)

+
Deletes a user's account.

+

+  issueSamlResponse(body=None, x__xgafv=None)

+
Experimental

+

+  lookup(body=None, x__xgafv=None)

+
Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.

+

+  resetPassword(body=None, x__xgafv=None)

+
Resets the password of an account either using an out-of-band code generated by sendOobCode or by specifying the email and password of the account to be modified. Can also check the purpose of an out-of-band code without consuming it.

+

+  sendOobCode(body=None, x__xgafv=None)

+
Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.

+

+  sendVerificationCode(body=None, x__xgafv=None)

+
Sends a SMS verification code for phone number sign-in. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  signInWithCustomToken(body=None, x__xgafv=None)

+
Signs in or signs up a user by exchanging a custom Auth token. Upon a successful sign-in or sign-up, a new Identity Platform ID token and refresh token are issued for the user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  signInWithEmailLink(body=None, x__xgafv=None)

+
Signs in or signs up a user with a out-of-band code from an email link. If a user does not exist with the given email address, a user record will be created. If the sign-in succeeds, an Identity Platform ID and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  signInWithGameCenter(body=None, x__xgafv=None)

+
Signs in or signs up a user with iOS Game Center credentials. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  signInWithIdp(body=None, x__xgafv=None)

+
Signs in or signs up a user using credentials from an Identity Provider (IdP). This is done by manually providing an IdP credential, or by providing the authorization response obtained via the authorization request from CreateAuthUri. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. A new Identity Platform user account will be created if the user has not previously signed in to the IdP with the same account. In addition, when the "One account per email address" setting is enabled, there should not be an existing Identity Platform user account with the same email address for a new user account to be created. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  signInWithPassword(body=None, x__xgafv=None)

+
Signs in a user with email and password. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  signInWithPhoneNumber(body=None, x__xgafv=None)

+
Completes a phone number authentication attempt. If a user already exists with the given phone number, an ID token is minted for that user. Otherwise, a new user is created and associated with the phone number. This method may also be used to link a phone number to an existing user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  signUp(body=None, x__xgafv=None)

+
Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+

+  update(body=None, x__xgafv=None)

+
Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.

+

+  verifyIosClient(body=None, x__xgafv=None)

+
Verifies an iOS client is a real iOS device. If the request is valid, a reciept will be sent in the response and a secret will be sent via Apple Push Notification Service. The client should send both of them back to certain Identity Platform APIs in a later call (for example, /accounts:sendVerificationCode), in order to verify the client. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    createAuthUri(body=None, x__xgafv=None)
+  
If an email identifier is specified, checks and returns if any user account is registered with the email. If there is a registered account, fetches all providers associated with the account's email. If the provider ID of an Identity Provider (IdP) is specified, creates an authorization URI for the IdP. The user can be directed to this URI to sign in with the IdP. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CreateAuthUri.
+  "appId": "A String",
+  "authFlowType": "A String", # Used for the Google provider. The type of the authentication flow to be used. If present, this should be `CODE_FLOW` to specify the authorization code flow. Otherwise, the default ID Token flow will be used.
+  "context": "A String", # An opaque string used to maintain contextual information between the authentication request and the callback from the IdP.
+  "continueUri": "A String", # A valid URL for the IdP to redirect the user back to. The URL cannot contain fragments or the reserved `state` query parameter.
+  "customParameter": { # Additional customized query parameters to be added to the authorization URI. The following parameters are reserved and cannot be added: `client_id`, `response_type`, `scope`, `redirect_uri`, `state`. For the Microsoft provider, the Azure AD tenant to sign-in to can be specified in the `tenant` custom parameter.
+    "a_key": "A String",
+  },
+  "hostedDomain": "A String", # Used for the Google provider. The G Suite hosted domain of the user in order to restrict sign-in to users at that domain.
+  "identifier": "A String", # The email identifier of the user account to fetch associated providers for. At least one of the fields `identifier` and `provider_id` must be set. The length of the email address should be less than 256 characters and in the format of `name@domain.tld`. The email address should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.
+  "oauthConsumerKey": "A String",
+  "oauthScope": "A String", # Additional space-delimited OAuth 2.0 scopes specifying the scope of the authentication request with the IdP. Used for OAuth 2.0 IdPs. For the Google provider, the authorization code flow will be used if this field is set.
+  "openidRealm": "A String",
+  "otaApp": "A String",
+  "providerId": "A String", # The provider ID of the IdP for the user to sign in with. This should be a provider ID enabled for sign-in, which is either from the list of [default supported IdPs](https://cloud.google.com/identity-platform/docs/reference/rest/v2/defaultSupportedIdps/list), or of the format `oidc.*` or `saml.*`. Some examples are `google.com`, `facebook.com`, `oidc.testapp`, and `saml.testapp`. At least one of the fields `identifier` and `provider_id` must be set.
+  "sessionId": "A String", # A session ID that can be verified against in SignInWithIdp to prevent session fixation attacks. If absent, a random string will be generated and returned as the session ID.
+  "tenantId": "A String", # The ID of the Identity Platform tenant to create an authorization URI or lookup an email identifier for. If not set, the operation will be performed in the default Identity Platform instance in the project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CreateAuthUri.
+  "allProviders": [
+    "A String",
+  ],
+  "authUri": "A String", # The authorization URI for the requested provider. Present only when a provider ID is set in the request.
+  "captchaRequired": True or False, # Whether a CAPTCHA is needed because there have been too many failed login attempts by the user. Present only when a registered email identifier is set in the request.
+  "forExistingProvider": True or False, # Whether the user has previously signed in with the provider ID in the request. Present only when a registered email identifier is set in the request.
+  "kind": "A String",
+  "providerId": "A String", # The provider ID from the request, if provided.
+  "registered": True or False, # Whether the email identifier represents an existing account. Present only when an email identifier is set in the request.
+  "sessionId": "A String", # The session ID from the request, or a random string generated by CreateAuthUri if absent. It is used to prevent session fixation attacks.
+  "signinMethods": [ # The list of sign-in methods that the user has previously used. Each element is one of `password`, `emailLink`, or the provider ID of an IdP. Present only when a registered email identifier is set in the request.
+    "A String",
+  ],
+}

+

+
+

+    delete(body=None, x__xgafv=None)
+  
Deletes a user's account.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for DeleteAccount.
+  "delegatedProjectNumber": "A String",
+  "idToken": "A String", # The Identity Platform ID token of the account to delete. Require to be specified for requests from end users that lack Google OAuth 2.0 credential. Authenticated requests bearing a Google OAuth2 credential with proper permissions may pass local_id to specify the account to delete alternatively.
+  "localId": "A String", # The ID of user account to delete. Specifying this field requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). Requests from users lacking the credential should pass an ID token instead.
+  "targetProjectId": "A String", # The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.
+  "tenantId": "A String", # The ID of the tenant that the account belongs to, if applicable. Only require to be specified for authenticated requests bearing a Google OAuth 2.0 credential that specify local_id of an account that belongs to an Identity Platform tenant.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for DeleteAccount.
+  "kind": "A String",
+}

+

+
+

+    issueSamlResponse(body=None, x__xgafv=None)
+  
Experimental
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for IssueSamlResponse.
+  "idToken": "A String", # The Identity Platform ID token. It will be verified and then converted to a new SAMLResponse.
+  "rpId": "A String", # Relying Party identifier, which is the audience of issued SAMLResponse.
+  "samlAppEntityId": "A String", # SAML app entity id specified in Google Admin Console for each app. If developers want to redirect to a third-party app rather than a G Suite app, they'll probably they need this. When it's used, we'll return a RelayState. This includes a SAMLRequest, which can be used to trigger a SP-initiated SAML flow to redirect to the real app.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for IssueSamlResponse request.
+  "acsEndpoint": "A String", # The ACS endpoint which consumes the returned SAMLResponse.
+  "email": "A String", # Email of the user.
+  "firstName": "A String", # First name of the user.
+  "isNewUser": True or False, # Whether the logged in user was created by this request.
+  "lastName": "A String", # Last name of the user.
+  "relayState": "A String", # Generated RelayState.
+  "samlResponse": "A String", # Signed SAMLResponse created for the Relying Party.
+}

+

+
+

+    lookup(body=None, x__xgafv=None)
+  
Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for GetAccountInfo.
+  "delegatedProjectNumber": "A String",
+  "email": [ # The email address of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.
+    "A String",
+  ],
+  "federatedUserId": [ # The federated user identifier of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+    { # Federated user identifier at an Identity Provider.
+      "providerId": "A String", # The ID of supported identity providers. This should be a provider ID enabled for sign-in, which is either from the list of [default supported IdPs](https://cloud.google.com/identity-platform/docs/reference/rest/v2/defaultSupportedIdps/list), or of the format `oidc.*` or `saml.*`. Some examples are `google.com`, `facebook.com`, `oidc.testapp`, and `saml.testapp`.
+      "rawId": "A String", # The user ID of the account at the third-party Identity Provider specified by `provider_id`.
+    },
+  ],
+  "idToken": "A String", # The Identity Platform ID token of the account to fetch. Require to be specified for requests from end users.
+  "initialEmail": [ # The initial email of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.
+    "A String",
+  ],
+  "localId": [ # The ID of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+    "A String",
+  ],
+  "phoneNumber": [ # The phone number of one or more accounts to fetch. Should only be specified by authenticated requests from a developer and should be in E.164 format, for example, +15555555555.
+    "A String",
+  ],
+  "targetProjectId": "A String", # The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "tenantId": "A String", # The ID of the tenant that the account belongs to. Should only be specified by authenticated requests from a developer.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetAccountInfo.
+  "kind": "A String",
+  "users": [ # The information of specific user account(s) matching the parameters in the request.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+

+    resetPassword(body=None, x__xgafv=None)
+  
Resets the password of an account either using an out-of-band code generated by sendOobCode or by specifying the email and password of the account to be modified. Can also check the purpose of an out-of-band code without consuming it.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for ResetPassword.
+  "email": "A String", # The email of the account to be modified. Specify this and the old password in order to change an account's password without using an out-of-band code.
+  "newPassword": "A String", # The new password to be set for this account. Specifying this field will result in a change to the account and consume the out-of-band code if one was specified and it was of type PASSWORD_RESET.
+  "oldPassword": "A String", # The current password of the account to be modified. Specify this and email to change an account's password without using an out-of-band code.
+  "oobCode": "A String", # An out-of-band (OOB) code generated by GetOobCode request. Specify only this parameter (or only this parameter and a tenant ID) to get the out-of-band code's type in the response without mutating the account's state. Only a PASSWORD_RESET out-of-band code can be consumed via this method.
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant the account belongs to.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for ResetPassword.
+  "email": "A String", # The email associated with the out-of-band code that was used.
+  "kind": "A String",
+  "mfaInfo": { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+    "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+    "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+    "mfaEnrollmentId": "A String", # ID of this MFA option.
+    "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+    "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+  },
+  "newEmail": "A String",
+  "requestType": "A String",
+}

+

+
+

+    sendOobCode(body=None, x__xgafv=None)
+  
Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for GetOobCode.
+  "androidInstallApp": True or False, # If an associated android app can handle the OOB code, whether or not to install the android app on the device where the link is opened if the app is not already installed.
+  "androidMinimumVersion": "A String", # If an associated android app can handle the OOB code, the minimum version of the app. If the version on the device is lower than this version then the user is taken to Google Play Store to upgrade the app.
+  "androidPackageName": "A String", # If an associated android app can handle the OOB code, the Android package name of the android app that will handle the callback when this OOB code is used. This will allow the correct app to open if it is already installed, or allow Google Play Store to open to the correct app if it is not yet installed.
+  "canHandleCodeInApp": True or False, # When set to true, the OOB code link will be be sent as a Universal Link or an Android App Link and will be opened by the corresponding app if installed. If not set, or set to false, the OOB code will be sent to the web widget first and then on continue will redirect to the app if installed.
+  "captchaResp": "A String", # For a PASSWORD_RESET request, a reCaptcha response is required when the system detects possible abuse activity. In those cases, this is the response from the reCaptcha challenge used to verify the caller.
+  "challenge": "A String",
+  "continueUrl": "A String", # The Url to continue after user clicks the link sent in email. This is the url that will allow the web widget to handle the OOB code.
+  "dynamicLinkDomain": "A String", # In order to ensure that the url used can be easily opened up in iOS or android, we create a [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links). Most Identity Platform projects will only have one Dynamic Link domain enabled, and can leave this field blank. This field contains a specified Dynamic Link domain for projects that have multiple enabled.
+  "email": "A String", # The account's email address to send the OOB code to, and generally the email address of the account that needs to be updated. Required for PASSWORD_RESET, EMAIL_SIGNIN, and VERIFY_EMAIL. Only required for VERIFY_AND_CHANGE_EMAIL requests when return_oob_link is set to true. In this case, it is the original email of the user.
+  "iOSAppStoreId": "A String", # If an associated iOS app can handle the OOB code, the App Store id of this app. This will allow App Store to open to the correct app if the app is not yet installed.
+  "iOSBundleId": "A String", # If an associated iOS app can handle the OOB code, the iOS bundle id of this app. This will allow the correct app to open if it is already installed.
+  "idToken": "A String", # An ID token for the account. It is required for VERIFY_AND_CHANGE_EMAIL and VERIFY_EMAIL requests unless return_oob_link is set to true.
+  "newEmail": "A String", # The email address the account is being updated to. Required only for VERIFY_AND_CHANGE_EMAIL requests.
+  "requestType": "A String", # Required. The type of out-of-band (OOB) code to send. Depending on this value, other fields in this request will be required and/or have different meanings. There are 4 different OOB codes that can be sent: * PASSWORD_RESET * EMAIL_SIGNIN * VERIFY_EMAIL * VERIFY_AND_CHANGE_EMAIL
+  "returnOobLink": True or False, # Whether the confirmation link containing the OOB code should be returned in the response (no email is sent). Used when a developer wants to construct the email template and send it on their own. By default this is false; to specify this field, and to set it to true, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control)
+  "targetProjectId": "A String", # The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant the account belongs to.
+  "userIp": "A String", # The IP address of the caller. Required only for PASSWORD_RESET requests.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetOobCode.
+  "email": "A String", # If return_oob_link is false in the request, the email address the verification was sent to.
+  "kind": "A String",
+  "oobCode": "A String", # If return_oob_link is true in the request, the OOB code to send.
+  "oobLink": "A String", # If return_oob_link is true in the request, the OOB link to be sent to the user. This returns the constructed link including [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links) related parameters.
+}

+

+
+

+    sendVerificationCode(body=None, x__xgafv=None)
+  
Sends a SMS verification code for phone number sign-in. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SendVerificationCode. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator.
+  "autoRetrievalInfo": { # The information required to auto-retrieve an SMS. # Android only. Used by Google Play Services to identify the app for auto-retrieval.
+    "appSignatureHash": "A String", # The Android app's signature hash for Google Play Service's SMS Retriever API.
+  },
+  "iosReceipt": "A String", # Receipt of successful iOS app token validation. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. This should come from the response of verifyIosClient. If present, the caller should also provide the `ios_secret`, as well as a bundle ID in the `x-ios-bundle-identifier` header, which must match the bundle ID from the verifyIosClient request.
+  "iosSecret": "A String", # Secret delivered to iOS app as a push notification. Should be passed with an `ios_receipt` as well as the `x-ios-bundle-identifier` header.
+  "phoneNumber": "A String", # The phone number to send the verification code to in E.164 format.
+  "recaptchaToken": "A String", # Recaptcha token for app verification. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. The recaptcha should be generated by calling getRecaptchaParams and the recaptcha token will be generated on user completion of the recaptcha challenge.
+  "safetyNetToken": "A String", # Android only. Used to assert application identity in place of a recaptcha token. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. A SafetyNet Token can be generated via the [SafetyNet Android Attestation API](https://developer.android.com/training/safetynet/attestation.html), with the Base64 encoding of the `phone_number` field as the nonce.
+  "tenantId": "A String", # Tenant ID of the Identity Platform tenant the user is signing in to.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SendVerificationCode.
+  "sessionInfo": "A String", # Encrypted session information. This can be used in signInWithPhoneNumber to authenticate the phone number.
+}

+

+
+

+    signInWithCustomToken(body=None, x__xgafv=None)
+  
Signs in or signs up a user by exchanging a custom Auth token. Upon a successful sign-in or sign-up, a new Identity Platform ID token and refresh token are issued for the user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SignInWithCustomToken.
+  "delegatedProjectNumber": "A String",
+  "instanceId": "A String",
+  "returnSecureToken": True or False, # Should always be true.
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to. If present, the ID should match the tenant_id in the token.
+  "token": "A String", # Required. The custom Auth token asserted by the developer. The token should be a [JSON Web Token (JWT)](https://tools.ietf.org/html/rfc7519) that includes the claims listed in the [API reference](https://cloud.google.com/identity-platform/docs/reference/rest/client/) under the "Custom Token Claims" section.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SignInWithCustomToken.
+  "expiresIn": "A String", # The number of seconds until the ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the authenticated user.
+  "isNewUser": True or False, # Whether the authenticated user was created by this request.
+  "kind": "A String",
+  "refreshToken": "A String", # An Identity Platform refresh token for the authenticated user.
+}

+

+
+

+    signInWithEmailLink(body=None, x__xgafv=None)
+  
Signs in or signs up a user with a out-of-band code from an email link. If a user does not exist with the given email address, a user record will be created. If the sign-in succeeds, an Identity Platform ID and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SignInWithEmailLink
+  "email": "A String", # Required. The email address the sign-in link was sent to. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.
+  "idToken": "A String", # A valid ID token for an Identity Platform account. If passed, this request will link the email address to the user represented by this ID token and enable sign-in with email link on the account for the future.
+  "oobCode": "A String", # Required. The out-of-band code from the email link.
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SignInWithEmailLink.
+  "email": "A String", # The email the user signed in with. Always present in the response.
+  "expiresIn": "A String", # The number of seconds until the ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the authenticated user.
+  "isNewUser": True or False, # Whether the authenticated user was created by this request.
+  "kind": "A String",
+  "localId": "A String", # The ID of the authenticated user. Always present in the response.
+  "mfaInfo": [ # Info on which multi-factor authentication providers are enabled. Present if the user needs to complete the sign-in using multi-factor authentication.
+    { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+      "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+      "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+      "mfaEnrollmentId": "A String", # ID of this MFA option.
+      "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+      "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+    },
+  ],
+  "mfaPendingCredential": "A String", # An opaque string that functions as proof that the user has successfully passed the first factor check.
+  "refreshToken": "A String", # Refresh token for the authenticated user.
+}

+

+
+

+    signInWithGameCenter(body=None, x__xgafv=None)
+  
Signs in or signs up a user with iOS Game Center credentials. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SignInWithGameCenter
+  "displayName": "A String", # The user's Game Center display name.
+  "idToken": "A String", # A valid ID token for an Identity Platform account. If present, this request will link the Game Center player ID to the account represented by this ID token.
+  "playerId": "A String", # Required. The user's Game Center player ID.
+  "publicKeyUrl": "A String", # Required. The URL to fetch the Apple public key in order to verify the given signature is signed by Apple.
+  "salt": "A String", # Required. A random string used to generate the given signature.
+  "signature": "A String", # Required. The verification signature data generated by Apple.
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to.
+  "timestamp": "A String", # Required. The time when the signature was created by Apple, in milliseconds since the epoch.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SignInWithGameCenter
+  "displayName": "A String", # Display name of the authenticated user.
+  "expiresIn": "A String", # The number of seconds until the ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the authenticated user.
+  "isNewUser": True or False, # Whether the logged in user was created by this request.
+  "localId": "A String", # The ID of the authenticated user. Always present in the response.
+  "playerId": "A String", # The user's Game Center player ID.
+  "refreshToken": "A String", # An Identity Platform refresh token for the authenticated user.
+}

+

+
+

+    signInWithIdp(body=None, x__xgafv=None)
+  
Signs in or signs up a user using credentials from an Identity Provider (IdP). This is done by manually providing an IdP credential, or by providing the authorization response obtained via the authorization request from CreateAuthUri. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. A new Identity Platform user account will be created if the user has not previously signed in to the IdP with the same account. In addition, when the "One account per email address" setting is enabled, there should not be an existing Identity Platform user account with the same email address for a new user account to be created. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SignInWithIdp.
+  "autoCreate": True or False,
+  "delegatedProjectNumber": "A String",
+  "idToken": "A String", # A valid Identity Platform ID token. If passed, the user's account at the IdP will be linked to the account represented by this ID token.
+  "pendingIdToken": "A String",
+  "pendingToken": "A String", # An opaque string from a previous SignInWithIdp response. If set, it can be used to repeat the sign-in operation from the previous SignInWithIdp operation.
+  "postBody": "A String", # If the user is signing in with an authorization response obtained via a previous CreateAuthUri authorization request, this is the body of the HTTP POST callback from the IdP, if present. Otherwise, if the user is signing in with a manually provided IdP credential, this should be a URL-encoded form that contains the credential (e.g. an ID token or access token for OAuth 2.0 IdPs) and the provider ID of the IdP that issued the credential. For example, if the user is signing in to the Google provider using a Google ID token, this should be set to `id_token=[GOOGLE_ID_TOKEN]&providerId=google.com`, where `[GOOGLE_ID_TOKEN]` should be replaced with the Google ID token. If the user is signing in to the Facebook provider using a Facebook authentication token, this should be set to `id_token=[FACEBOOK_AUTHENTICATION_TOKEN]&providerId=facebook.com&nonce= [NONCE]`, where `[FACEBOOK_AUTHENTICATION_TOKEN]` should be replaced with the Facebook authentication token. Nonce is required for validating the token. The request will fail if no nonce is provided. If the user is signing in to the Facebook provider using a Facebook access token, this should be set to `access_token=[FACEBOOK_ACCESS_TOKEN]&providerId=facebook.com`, where `[FACEBOOK_ACCESS_TOKEN]` should be replaced with the Facebook access token. If the user is signing in to the Twitter provider using a Twitter OAuth 1.0 credential, this should be set to `access_token=[TWITTER_ACCESS_TOKEN]&oauth_token_secret=[TWITTER_TOKEN_SECRET]&providerId=twitter.com`, where `[TWITTER_ACCESS_TOKEN]` and `[TWITTER_TOKEN_SECRET]` should be replaced with the Twitter OAuth access token and Twitter OAuth token secret respectively.
+  "requestUri": "A String", # Required. The URL to which the IdP redirects the user back. This can be set to `http://localhost` if the user is signing in with a manually provided IdP credential.
+  "returnIdpCredential": True or False, # Whether or not to return OAuth credentials from the IdP on the following errors: `FEDERATED_USER_ID_ALREADY_LINKED` and `EMAIL_EXISTS`.
+  "returnRefreshToken": True or False, # Whether or not to return the OAuth refresh token from the IdP, if available.
+  "returnSecureToken": True or False, # Should always be true.
+  "sessionId": "A String", # The session ID returned from a previous CreateAuthUri call. This field is verified against that session ID to prevent session fixation attacks. Required if the user is signing in with an authorization response from a previous CreateAuthUri authorization request.
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SignInWithIdp.
+  "context": "A String", # The opaque string set in CreateAuthUri that is used to maintain contextual information between the authentication request and the callback from the IdP.
+  "dateOfBirth": "A String", # The date of birth for the user's account at the IdP.
+  "displayName": "A String", # The display name for the user's account at the IdP.
+  "email": "A String", # The email address of the user's account at the IdP.
+  "emailRecycled": True or False, # Whether or not there is an existing Identity Platform user account with the same email address but linked to a different account at the same IdP. Only present if the "One account per email address" setting is enabled and the email address at the IdP is verified.
+  "emailVerified": True or False, # Whether the user account's email address is verified.
+  "errorMessage": "A String", # The error message returned if `return_idp_credential` is set to `true` and either the `FEDERATED_USER_ID_ALREADY_LINKED` or `EMAIL_EXISTS` error is encountered. This field's value is either `FEDERATED_USER_ID_ALREADY_LINKED` or `EMAIL_EXISTS`.
+  "expiresIn": "A String", # The number of seconds until the Identity Platform ID token expires.
+  "federatedId": "A String", # The user's account ID at the IdP. Always present in the response.
+  "firstName": "A String", # The first name for the user's account at the IdP.
+  "fullName": "A String", # The full name for the user's account at the IdP.
+  "idToken": "A String", # An Identity Platform ID token for the authenticated user.
+  "inputEmail": "A String",
+  "isNewUser": True or False, # Whether or not a new Identity Platform account was created for the authenticated user.
+  "kind": "A String",
+  "language": "A String", # The language preference for the user's account at the IdP.
+  "lastName": "A String", # The last name for the user's account at the IdP.
+  "localId": "A String", # The ID of the authenticated Identity Platform user. Always present in the response.
+  "mfaInfo": [ # Info on which multi-factor authentication providers are enabled for the account. Present if the user needs to complete the sign-in using multi-factor authentication.
+    { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+      "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+      "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+      "mfaEnrollmentId": "A String", # ID of this MFA option.
+      "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+      "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+    },
+  ],
+  "mfaPendingCredential": "A String", # An opaque string that functions as proof that the user has successfully passed the first factor authentication.
+  "needConfirmation": True or False, # Whether or not there is an existing Identity Platform user account with the same email address as the current account signed in at the IdP, and the account's email addresss is not verified at the IdP. The user will need to sign in to the existing Identity Platform account and then link the current credential from the IdP to it. Only present if the "One account per email address" setting is enabled.
+  "needEmail": True or False,
+  "nickName": "A String", # The nickname for the user's account at the IdP.
+  "oauthAccessToken": "A String", # The OAuth access token from the IdP, if available.
+  "oauthAuthorizationCode": "A String", # The OAuth 2.0 authorization code, if available. Only present for the Google provider.
+  "oauthExpireIn": 42, # The number of seconds until the OAuth access token from the IdP expires.
+  "oauthIdToken": "A String", # The OpenID Connect ID token from the IdP, if available.
+  "oauthRefreshToken": "A String", # The OAuth 2.0 refresh token from the IdP, if available and `return_refresh_token` is set to `true`.
+  "oauthTokenSecret": "A String", # The OAuth 1.0 token secret from the IdP, if available. Only present for the Twitter provider.
+  "originalEmail": "A String", # The main (top-level) email address of the user's Identity Platform account, if different from the email address at the IdP. Only present if the "One account per email address" setting is enabled.
+  "pendingToken": "A String", # An opaque string that can be used as a credential from the IdP the user is signing into. The pending token obtained here can be set in a future SignInWithIdp request to sign the same user in with the IdP again.
+  "photoUrl": "A String", # The URL of the user's profile picture at the IdP.
+  "providerId": "A String", # The provider ID of the IdP that the user is signing in to. Always present in the response.
+  "rawUserInfo": "A String", # The stringified JSON response containing all the data corresponding to the user's account at the IdP.
+  "refreshToken": "A String", # An Identity Platform refresh token for the authenticated user.
+  "screenName": "A String", # The screen name for the user's account at the Twitter IdP or the login name for the user's account at the GitHub IdP.
+  "tenantId": "A String", # The value of the `tenant_id` field in the request.
+  "timeZone": "A String", # The time zone for the user's account at the IdP.
+  "verifiedProvider": [ # A list of provider IDs that the user can sign in to in order to resolve a `need_confirmation` error. Only present if `need_confirmation` is set to `true`.
+    "A String",
+  ],
+}

+

+
+

+    signInWithPassword(body=None, x__xgafv=None)
+  
Signs in a user with email and password. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SignInWithPassword.
+  "captchaChallenge": "A String",
+  "captchaResponse": "A String", # The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for risk assessment. Required when reCAPTCHA Enterprise is enabled.
+  "delegatedProjectNumber": "A String",
+  "email": "A String", # Required. The email the user is signing in with. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.
+  "idToken": "A String",
+  "instanceId": "A String",
+  "password": "A String", # Required. The password the user provides to sign in to the account.
+  "pendingIdToken": "A String",
+  "returnSecureToken": True or False, # Should always be true.
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform instance in the project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SignInWithPassword.
+  "displayName": "A String", # The user's display name stored in the account's attributes.
+  "email": "A String", # The email of the authenticated user. Always present in the response.
+  "expiresIn": "A String", # The number of seconds until the Identity Platform ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the authenticated user.
+  "kind": "A String",
+  "localId": "A String", # The ID of the authenticated user. Always present in the response.
+  "mfaInfo": [ # Info on which multi-factor authentication providers are enabled for the account. Present if the user needs to complete the sign-in using multi-factor authentication.
+    { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+      "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+      "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+      "mfaEnrollmentId": "A String", # ID of this MFA option.
+      "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+      "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+    },
+  ],
+  "mfaPendingCredential": "A String", # An opaque string that functions as proof that the user has successfully passed the first factor authentication.
+  "oauthAccessToken": "A String", # The OAuth2 access token.
+  "oauthAuthorizationCode": "A String",
+  "oauthExpireIn": 42, # The access token expiration time in seconds.
+  "profilePicture": "A String", # The user's profile picture stored in the account's attributes.
+  "refreshToken": "A String", # An Identity Platform refresh token for the authenticated user.
+  "registered": True or False, # Whether the email is for an existing account. Always true.
+}

+

+
+

+    signInWithPhoneNumber(body=None, x__xgafv=None)
+  
Completes a phone number authentication attempt. If a user already exists with the given phone number, an ID token is minted for that user. Otherwise, a new user is created and associated with the phone number. This method may also be used to link a phone number to an existing user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SignInWithPhoneNumber.
+  "code": "A String", # User-entered verification code from an SMS sent to the user's phone.
+  "idToken": "A String", # A valid ID token for an Identity Platform account. If passed, this request will link the phone number to the user represented by this ID token if the phone number is not in use, or will reauthenticate the user if the phone number is already linked to the user.
+  "operation": "A String",
+  "phoneNumber": "A String", # The user's phone number to sign in with. This is necessary in the case of uing a temporary proof, in which case it must match the phone number that was authenticated in the request that generated the temporary proof. This field is ignored if a session info is passed.
+  "sessionInfo": "A String", # Encrypted session information from the response of sendVerificationCode. In the case of authenticating with an SMS code this must be specified, but in the case of using a temporary proof it can be unspecified.
+  "temporaryProof": "A String", # A proof of the phone number verification, provided from a previous signInWithPhoneNumber request. If this is passed, the caller must also pass in the phone_number field the phone number that was verified in the previous request.
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.
+  "verificationProof": "A String", # Do not use.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SignInWithPhoneNumber.
+  "expiresIn": "A String", # The number of seconds until the ID token expires.
+  "idToken": "A String", # Identity Platform ID token for the authenticated user.
+  "isNewUser": True or False, # Whether the authenticated user was created by this request.
+  "localId": "A String", # The id of the authenticated user. Present in the case of a successful authentication. In the case when the phone could be verified but the account operation could not be performed, a temporary proof will be returned instead.
+  "phoneNumber": "A String", # Phone number of the authenticated user. Always present in the response.
+  "refreshToken": "A String", # Refresh token for the authenticated user.
+  "temporaryProof": "A String", # A proof of the phone number verification, provided if a phone authentication is successful but the user operation fails. This happens when the request tries to link a phone number to a user with an ID token or reauthenticate with an ID token but the phone number is linked to a different user.
+  "temporaryProofExpiresIn": "A String", # The number of seconds until the temporary proof expires.
+  "verificationProof": "A String", # Do not use.
+  "verificationProofExpiresIn": "A String", # Do not use.
+}

+

+
+

+    signUp(body=None, x__xgafv=None)
+  
Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SignUp.
+  "captchaChallenge": "A String",
+  "captchaResponse": "A String", # The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for assessment. Required when reCAPTCHA enterprise is enabled.
+  "disabled": True or False, # Whether the user will be disabled upon creation. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "displayName": "A String", # The display name of the user to be created.
+  "email": "A String", # The email to assign to the created user. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. An anonymous user will be created if not provided.
+  "emailVerified": True or False, # Whether the user's email is verified. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "idToken": "A String", # A valid ID token for an Identity Platform user. If set, this request will link the authentication credential to the user represented by this ID token. For a non-admin request, both the `email` and `password` fields must be set. For an admin request, `local_id` must not be set.
+  "instanceId": "A String",
+  "localId": "A String", # The ID of the user to create. The ID must be unique within the project that the user is being created under. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "mfaInfo": [ # The multi-factor authentication providers for the user to create.
+    {
+      "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+      "phoneInfo": "A String", # Phone number to receive OTP for MFA.
+    },
+  ],
+  "password": "A String", # The password to assign to the created user. The password must be be at least 6 characters long. If set, the `email` field must also be set.
+  "phoneNumber": "A String", # The phone number of the user to create. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "photoUrl": "A String", # The profile photo url of the user to create.
+  "targetProjectId": "A String", # The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). If this is not set, the target project is inferred from the scope associated to the Bearer access token.
+  "tenantId": "A String", # The ID of the Identity Platform tenant to create a user under. If not set, the user will be created under the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SignUp.
+  "displayName": "A String", # The created user's display name.
+  "email": "A String", # The created user's email.
+  "expiresIn": "A String", # The number of seconds until the ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the created user. This field is only set for non-admin requests.
+  "kind": "A String",
+  "localId": "A String", # The ID of the created user. Always present in the response.
+  "refreshToken": "A String", # An Identity Platform refresh token for the created user. This field is only set for non-admin requests.
+}

+

+
+

+    update(body=None, x__xgafv=None)
+  
Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SetAccountInfo.
+  "captchaChallenge": "A String",
+  "captchaResponse": "A String", # The response from reCaptcha challenge. This is required when the system detects possible abuse activities.
+  "createdAt": "A String", # The timestamp in milliseconds when the account was created.
+  "customAttributes": "A String", # JSON formatted custom attributes to be stored in the Identity Platform ID token. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+  "delegatedProjectNumber": "A String",
+  "deleteAttribute": [ # The account's attributes to be deleted.
+    "A String",
+  ],
+  "deleteProvider": [ # The Identity Providers to unlink from the user's account.
+    "A String",
+  ],
+  "disableUser": True or False, # If true, marks the account as disabled, meaning the user will no longer be able to sign-in.
+  "displayName": "A String", # The user's new display name to be updated in the account's attributes. The length of the display name must be less than or equal to 256 characters.
+  "email": "A String", # The user's new email to be updated in the account's attributes. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.
+  "emailVerified": True or False, # Whether the user's email has been verified. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+  "idToken": "A String", # A valid Identity Platform ID token. Required when attempting to change user-related information.
+  "instanceId": "A String",
+  "lastLoginAt": "A String", # The timestamp in milliseconds when the account last logged in.
+  "linkProviderUserInfo": { # Information about the user as provided by various Identity Providers. # The provider to be linked to the user's account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+    "displayName": "A String", # The user's display name at the Identity Provider.
+    "email": "A String", # The user's email address at the Identity Provider.
+    "federatedId": "A String", # The user's identifier at the Identity Provider.
+    "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+    "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+    "providerId": "A String", # The ID of the Identity Provider.
+    "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+    "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+  },
+  "localId": "A String", # The ID of the user. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). For requests from end-users, an ID token should be passed instead.
+  "mfa": { # Multi-factor authentication related information. # The multi-factor authentication related information to be set on the user's account. This will overwrite any previous multi-factor related information on the account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+    "enrollments": [ # The second factors the user has enrolled.
+      { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+        "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+        "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+        "mfaEnrollmentId": "A String", # ID of this MFA option.
+        "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+        "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+      },
+    ],
+  },
+  "oobCode": "A String", # The out-of-band code to be applied on the user's account. The following out-of-band code types are supported: * VERIFY_EMAIL * RECOVER_EMAIL * REVERT_SECOND_FACTOR_ADDITION * VERIFY_AND_CHANGE_EMAIL
+  "password": "A String", # The user's new password to be updated in the account's attributes. The password must be at least 6 characters long.
+  "phoneNumber": "A String", # The phone number to be updated in the account's attributes.
+  "photoUrl": "A String", # The user's new photo URL for the account's profile photo to be updated in the account's attributes. The length of the URL must be less than or equal to 2048 characters.
+  "provider": [ # The Identity Providers that the account should be associated with.
+    "A String",
+  ],
+  "returnSecureToken": True or False, # Whether or not to return an ID and refresh token. Should always be true.
+  "targetProjectId": "A String", # The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field.
+  "upgradeToFederatedLogin": True or False, # Whether the account should be restricted to only using federated login.
+  "validSince": "A String", # Specifies the minimum timestamp in seconds for an Identity Platform ID token to be considered valid.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SetAccountInfo
+  "displayName": "A String", # The account's display name.
+  "email": "A String", # The account's email address.
+  "emailVerified": True or False, # Whether the account's email has been verified.
+  "expiresIn": "A String", # The number of seconds until the Identity Platform ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the account. This is used for legacy user sign up.
+  "kind": "A String",
+  "localId": "A String", # The ID of the authenticated user.
+  "newEmail": "A String", # The new email that has been set on the user's account attributes.
+  "passwordHash": "A String", # Deprecated. No actual password hash is currently returned.
+  "photoUrl": "A String", # The user's photo URL for the account's profile photo.
+  "providerUserInfo": [ # The linked Identity Providers on the account.
+    { # Information about the user as provided by various Identity Providers.
+      "displayName": "A String", # The user's display name at the Identity Provider.
+      "email": "A String", # The user's email address at the Identity Provider.
+      "federatedId": "A String", # The user's identifier at the Identity Provider.
+      "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+      "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+      "providerId": "A String", # The ID of the Identity Provider.
+      "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+      "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+    },
+  ],
+  "refreshToken": "A String", # A refresh token for the account. This is used for legacy user sign up.
+}

+

+
+

+    verifyIosClient(body=None, x__xgafv=None)
+  
Verifies an iOS client is a real iOS device. If the request is valid, a reciept will be sent in the response and a secret will be sent via Apple Push Notification Service. The client should send both of them back to certain Identity Platform APIs in a later call (for example, /accounts:sendVerificationCode), in order to verify the client. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for VerifyIosClient
+  "appToken": "A String", # A device token that the iOS client gets after registering to APNs (Apple Push Notification service).
+  "isSandbox": True or False, # Whether the app token is in the iOS sandbox. If false, the app token is in the production environment.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for VerifyIosClient.
+  "receipt": "A String", # Receipt of successful app token validation.
+  "suggestedTimeout": "A String", # Suggested time that the client should wait in seconds for delivery of the push notification.
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v1.html b/docs/dyn/identitytoolkit_v1.html
new file mode 100644
index 00000000000..776277bb097
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v1.html
@@ -0,0 +1,121 @@
+
+
+
+
Identity Toolkit API

+
Instance Methods

+

+  accounts()
+

+
Returns the accounts Resource.

+
+

+  projects()
+

+
Returns the projects Resource.

+
+

+  v1()
+

+
Returns the v1 Resource.

+
+

+  close()

+
Close httplib2 connections.

+

+  new_batch_http_request()

+
Create a BatchHttpRequest object based on the discovery document.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    new_batch_http_request()
+  
Create a BatchHttpRequest object based on the discovery document.
+
+                Args:
+                  callback: callable, A callback to be called for each response, of the
+                    form callback(id, response, exception). The first parameter is the
+                    request id, and the second is the deserialized response object. The
+                    third is an apiclient.errors.HttpError exception object if an HTTP
+                    error occurred while processing the request, or None if no error
+                    occurred.
+
+                Returns:
+                  A BatchHttpRequest object based on the discovery document.
+                

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v1.projects.accounts.html b/docs/dyn/identitytoolkit_v1.projects.accounts.html
new file mode 100644
index 00000000000..616c44418a2
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v1.projects.accounts.html
@@ -0,0 +1,701 @@
+
+
+
+
Identity Toolkit API . projects . accounts

+
Instance Methods

+

+  batchCreate(targetProjectId, body=None, x__xgafv=None)

+
Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

+

+  batchDelete(targetProjectId, body=None, x__xgafv=None)

+
Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)

+

+  batchGet(targetProjectId, delegatedProjectNumber=None, maxResults=None, nextPageToken=None, tenantId=None, x__xgafv=None)

+
Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.

+

+  batchGet_next()

+
Retrieves the next page of results.

+

+  close()

+
Close httplib2 connections.

+

+  delete(targetProjectId, body=None, x__xgafv=None)

+
Deletes a user's account.

+

+  lookup(targetProjectId, body=None, x__xgafv=None)

+
Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.

+

+  query(targetProjectId, body=None, x__xgafv=None)

+
Looks up user accounts within a project or a tenant based on conditions in the request.

+

+  sendOobCode(targetProjectId, body=None, x__xgafv=None)

+
Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.

+

+  update(targetProjectId, body=None, x__xgafv=None)

+
Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.

+
Method Details

+

+    batchCreate(targetProjectId, body=None, x__xgafv=None)
+  
Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+
+Args:
+  targetProjectId: string, The Project ID of the Identity Platform project which the account belongs to. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for UploadAccount.
+  "allowOverwrite": True or False, # Whether to overwrite an existing account in Identity Platform with a matching `local_id` in the request. If true, the existing account will be overwritten. If false, an error will be returned.
+  "argon2Parameters": { # The parameters for Argon2 hashing algorithm. # The parameters for Argon2 hashing algorithm.
+    "associatedData": "A String", # The additional associated data, if provided, is appended to the hash value to provide an additional layer of security. A base64-encoded string if specified via JSON.
+    "hashLengthBytes": 42, # Required. The desired hash length in bytes. Minimum is 4 and maximum is 1024.
+    "hashType": "A String", # Required. Must not be HASH_TYPE_UNSPECIFIED.
+    "iterations": 42, # Required. The number of iterations to perform. Minimum is 1, maximum is 16.
+    "memoryCostKib": 42, # Required. The memory cost in kibibytes. Maximum is 32768.
+    "parallelism": 42, # Required. The degree of parallelism, also called threads or lanes. Minimum is 1, maximum is 16.
+    "version": "A String", # The version of the Argon2 algorithm. This defaults to VERSION_13 if not specified.
+  },
+  "blockSize": 42, # The block size parameter used by the STANDARD_SCRYPT hashing function. This parameter, along with parallelization and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.
+  "cpuMemCost": 42, # The CPU memory cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with block_size and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.
+  "delegatedProjectNumber": "A String",
+  "dkLen": 42, # The desired key length for the STANDARD_SCRYPT hashing function. Must be at least 1.
+  "hashAlgorithm": "A String", # Required. The hashing function used to hash the account passwords. Must be one of the following: * HMAC_SHA256 * HMAC_SHA1 * HMAC_MD5 * SCRYPT * PBKDF_SHA1 * MD5 * HMAC_SHA512 * SHA1 * BCRYPT * PBKDF2_SHA256 * SHA256 * SHA512 * STANDARD_SCRYPT * ARGON2
+  "memoryCost": 42, # Memory cost for hash calculation. Only required when the hashing function is SCRYPT.
+  "parallelization": 42, # The parallelization cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with block_size and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.
+  "passwordHashOrder": "A String", # Password and salt order when verify password.
+  "rounds": 42, # The number of rounds used for hash calculation. Only required for the following hashing functions: * MD5 * SHA1 * SHA256 * SHA512 * PBKDF_SHA1 * PBKDF2_SHA256 * SCRYPT
+  "saltSeparator": "A String", # One or more bytes to be inserted between the salt and plain text password. For stronger security, this should be a single non-printable character.
+  "sanityCheck": True or False, # If true, the service will do the following list of checks before an account is uploaded: * Duplicate emails * Duplicate federated IDs * Federated ID provider validation If the duplication exists within the list of accounts to be uploaded, it will prevent the entire list from being uploaded. If the email or federated ID is a duplicate of a user already within the project/tenant, the account will not be uploaded, but the rest of the accounts will be unaffected. If false, these checks will be skipped.
+  "signerKey": "A String", # The signer key used to hash the password. Required for the following hashing functions: * SCRYPT, * HMAC_MD5, * HMAC_SHA1, * HMAC_SHA256, * HMAC_SHA512
+  "tenantId": "A String", # The ID of the Identity Platform tenant the account belongs to.
+  "users": [ # A list of accounts to upload. `local_id` is required for each user; everything else is optional.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for UploadAccount.
+  "error": [ # Detailed error info for accounts that cannot be uploaded.
+    { # Error information explaining why an account cannot be uploaded. batch upload.
+      "index": 42, # The index of the item, range is [0, request.size - 1]
+      "message": "A String", # Detailed error message
+    },
+  ],
+  "kind": "A String",
+}

+

+
+

+    batchDelete(targetProjectId, body=None, x__xgafv=None)
+  
Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)
+
+Args:
+  targetProjectId: string, If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that accounts belong to. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for BatchDeleteAccounts.
+  "force": True or False, # Whether to force deleting accounts that are not in disabled state. If false, only disabled accounts will be deleted, and accounts that are not disabled will be added to the `errors`.
+  "localIds": [ # Required. List of user IDs to be deleted.
+    "A String",
+  ],
+  "tenantId": "A String", # If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to an default Identity Platform project, the field is not needed.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message to BatchDeleteAccounts.
+  "errors": [ # Detailed error info for accounts that cannot be deleted.
+    { # Error info for account failed to be deleted.
+      "index": 42, # The index of the errored item in the original local_ids field.
+      "localId": "A String", # The corresponding user ID.
+      "message": "A String", # Detailed error message.
+    },
+  ],
+}

+

+
+

+    batchGet(targetProjectId, delegatedProjectNumber=None, maxResults=None, nextPageToken=None, tenantId=None, x__xgafv=None)
+  
Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.
+
+Args:
+  targetProjectId: string, If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that the accounts belong to. (required)
+  delegatedProjectNumber: string, A parameter
+  maxResults: integer, The maximum number of results to return. Must be at least 1 and no greater than 1000. By default, it is 20.
+  nextPageToken: string, The pagination token from the response of a previous request.
+  tenantId: string, The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for DownloadAccount.
+  "kind": "A String",
+  "nextPageToken": "A String", # If there are more accounts to be downloaded, a token that can be passed back to DownloadAccount to get more accounts. Otherwise, this is blank.
+  "users": [ # All accounts belonging to the project/tenant limited by max_results in the request.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+

+    batchGet_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    close()
+  
Close httplib2 connections.

+

+
+

+    delete(targetProjectId, body=None, x__xgafv=None)
+  
Deletes a user's account.
+
+Args:
+  targetProjectId: string, The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for DeleteAccount.
+  "delegatedProjectNumber": "A String",
+  "idToken": "A String", # The Identity Platform ID token of the account to delete. Require to be specified for requests from end users that lack Google OAuth 2.0 credential. Authenticated requests bearing a Google OAuth2 credential with proper permissions may pass local_id to specify the account to delete alternatively.
+  "localId": "A String", # The ID of user account to delete. Specifying this field requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). Requests from users lacking the credential should pass an ID token instead.
+  "targetProjectId": "A String", # The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.
+  "tenantId": "A String", # The ID of the tenant that the account belongs to, if applicable. Only require to be specified for authenticated requests bearing a Google OAuth 2.0 credential that specify local_id of an account that belongs to an Identity Platform tenant.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for DeleteAccount.
+  "kind": "A String",
+}

+

+
+

+    lookup(targetProjectId, body=None, x__xgafv=None)
+  
Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.
+
+Args:
+  targetProjectId: string, The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for GetAccountInfo.
+  "delegatedProjectNumber": "A String",
+  "email": [ # The email address of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.
+    "A String",
+  ],
+  "federatedUserId": [ # The federated user identifier of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+    { # Federated user identifier at an Identity Provider.
+      "providerId": "A String", # The ID of supported identity providers. This should be a provider ID enabled for sign-in, which is either from the list of [default supported IdPs](https://cloud.google.com/identity-platform/docs/reference/rest/v2/defaultSupportedIdps/list), or of the format `oidc.*` or `saml.*`. Some examples are `google.com`, `facebook.com`, `oidc.testapp`, and `saml.testapp`.
+      "rawId": "A String", # The user ID of the account at the third-party Identity Provider specified by `provider_id`.
+    },
+  ],
+  "idToken": "A String", # The Identity Platform ID token of the account to fetch. Require to be specified for requests from end users.
+  "initialEmail": [ # The initial email of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.
+    "A String",
+  ],
+  "localId": [ # The ID of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+    "A String",
+  ],
+  "phoneNumber": [ # The phone number of one or more accounts to fetch. Should only be specified by authenticated requests from a developer and should be in E.164 format, for example, +15555555555.
+    "A String",
+  ],
+  "targetProjectId": "A String", # The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "tenantId": "A String", # The ID of the tenant that the account belongs to. Should only be specified by authenticated requests from a developer.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetAccountInfo.
+  "kind": "A String",
+  "users": [ # The information of specific user account(s) matching the parameters in the request.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+

+    query(targetProjectId, body=None, x__xgafv=None)
+  
Looks up user accounts within a project or a tenant based on conditions in the request.
+
+Args:
+  targetProjectId: string, The ID of the project to which the result is scoped. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for QueryUserInfo.
+  "expression": [ # Query conditions used to filter results. If more than one is passed, only the first SqlExpression is evaluated.
+    { # Query conditions used to filter results.
+      "email": "A String", # A case insensitive string that the account's email should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
+      "phoneNumber": "A String", # A string that the account's phone number should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
+      "userId": "A String", # A string that the account's local ID should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression If more than one is specified, only the first (in that order) will be applied.
+    },
+  ],
+  "limit": "A String", # The maximum number of accounts to return with an upper limit of __500__. Defaults to _500_. Only valid when `return_user_info` is set to `true`.
+  "offset": "A String", # The number of accounts to skip from the beginning of matching records. Only valid when `return_user_info` is set to `true`.
+  "order": "A String", # The order for sorting query result. Defaults to __ascending__ order. Only valid when `return_user_info` is set to `true`.
+  "returnUserInfo": True or False, # If `true`, this request will return the accounts matching the query. If `false`, only the __count__ of accounts matching the query will be returned. Defaults to `true`.
+  "sortBy": "A String", # The field to use for sorting user accounts. Defaults to `USER_ID`. Note: when `phone_number` is specified in `expression`, the result ignores the sorting. Only valid when `return_user_info` is set to `true`.
+  "tenantId": "A String", # The ID of the tenant to which the result is scoped.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for QueryUserInfo.
+  "recordsCount": "A String", # If `return_user_info` in the request is true, this is the number of returned accounts in this message. Otherwise, this is the total number of accounts matching the query.
+  "userInfo": [ # If `return_user_info` in the request is true, this is the accounts matching the query.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+

+    sendOobCode(targetProjectId, body=None, x__xgafv=None)
+  
Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.
+
+Args:
+  targetProjectId: string, The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for GetOobCode.
+  "androidInstallApp": True or False, # If an associated android app can handle the OOB code, whether or not to install the android app on the device where the link is opened if the app is not already installed.
+  "androidMinimumVersion": "A String", # If an associated android app can handle the OOB code, the minimum version of the app. If the version on the device is lower than this version then the user is taken to Google Play Store to upgrade the app.
+  "androidPackageName": "A String", # If an associated android app can handle the OOB code, the Android package name of the android app that will handle the callback when this OOB code is used. This will allow the correct app to open if it is already installed, or allow Google Play Store to open to the correct app if it is not yet installed.
+  "canHandleCodeInApp": True or False, # When set to true, the OOB code link will be be sent as a Universal Link or an Android App Link and will be opened by the corresponding app if installed. If not set, or set to false, the OOB code will be sent to the web widget first and then on continue will redirect to the app if installed.
+  "captchaResp": "A String", # For a PASSWORD_RESET request, a reCaptcha response is required when the system detects possible abuse activity. In those cases, this is the response from the reCaptcha challenge used to verify the caller.
+  "challenge": "A String",
+  "continueUrl": "A String", # The Url to continue after user clicks the link sent in email. This is the url that will allow the web widget to handle the OOB code.
+  "dynamicLinkDomain": "A String", # In order to ensure that the url used can be easily opened up in iOS or android, we create a [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links). Most Identity Platform projects will only have one Dynamic Link domain enabled, and can leave this field blank. This field contains a specified Dynamic Link domain for projects that have multiple enabled.
+  "email": "A String", # The account's email address to send the OOB code to, and generally the email address of the account that needs to be updated. Required for PASSWORD_RESET, EMAIL_SIGNIN, and VERIFY_EMAIL. Only required for VERIFY_AND_CHANGE_EMAIL requests when return_oob_link is set to true. In this case, it is the original email of the user.
+  "iOSAppStoreId": "A String", # If an associated iOS app can handle the OOB code, the App Store id of this app. This will allow App Store to open to the correct app if the app is not yet installed.
+  "iOSBundleId": "A String", # If an associated iOS app can handle the OOB code, the iOS bundle id of this app. This will allow the correct app to open if it is already installed.
+  "idToken": "A String", # An ID token for the account. It is required for VERIFY_AND_CHANGE_EMAIL and VERIFY_EMAIL requests unless return_oob_link is set to true.
+  "newEmail": "A String", # The email address the account is being updated to. Required only for VERIFY_AND_CHANGE_EMAIL requests.
+  "requestType": "A String", # Required. The type of out-of-band (OOB) code to send. Depending on this value, other fields in this request will be required and/or have different meanings. There are 4 different OOB codes that can be sent: * PASSWORD_RESET * EMAIL_SIGNIN * VERIFY_EMAIL * VERIFY_AND_CHANGE_EMAIL
+  "returnOobLink": True or False, # Whether the confirmation link containing the OOB code should be returned in the response (no email is sent). Used when a developer wants to construct the email template and send it on their own. By default this is false; to specify this field, and to set it to true, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control)
+  "targetProjectId": "A String", # The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant the account belongs to.
+  "userIp": "A String", # The IP address of the caller. Required only for PASSWORD_RESET requests.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetOobCode.
+  "email": "A String", # If return_oob_link is false in the request, the email address the verification was sent to.
+  "kind": "A String",
+  "oobCode": "A String", # If return_oob_link is true in the request, the OOB code to send.
+  "oobLink": "A String", # If return_oob_link is true in the request, the OOB link to be sent to the user. This returns the constructed link including [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links) related parameters.
+}

+

+
+

+    update(targetProjectId, body=None, x__xgafv=None)
+  
Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.
+
+Args:
+  targetProjectId: string, The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SetAccountInfo.
+  "captchaChallenge": "A String",
+  "captchaResponse": "A String", # The response from reCaptcha challenge. This is required when the system detects possible abuse activities.
+  "createdAt": "A String", # The timestamp in milliseconds when the account was created.
+  "customAttributes": "A String", # JSON formatted custom attributes to be stored in the Identity Platform ID token. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+  "delegatedProjectNumber": "A String",
+  "deleteAttribute": [ # The account's attributes to be deleted.
+    "A String",
+  ],
+  "deleteProvider": [ # The Identity Providers to unlink from the user's account.
+    "A String",
+  ],
+  "disableUser": True or False, # If true, marks the account as disabled, meaning the user will no longer be able to sign-in.
+  "displayName": "A String", # The user's new display name to be updated in the account's attributes. The length of the display name must be less than or equal to 256 characters.
+  "email": "A String", # The user's new email to be updated in the account's attributes. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.
+  "emailVerified": True or False, # Whether the user's email has been verified. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+  "idToken": "A String", # A valid Identity Platform ID token. Required when attempting to change user-related information.
+  "instanceId": "A String",
+  "lastLoginAt": "A String", # The timestamp in milliseconds when the account last logged in.
+  "linkProviderUserInfo": { # Information about the user as provided by various Identity Providers. # The provider to be linked to the user's account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+    "displayName": "A String", # The user's display name at the Identity Provider.
+    "email": "A String", # The user's email address at the Identity Provider.
+    "federatedId": "A String", # The user's identifier at the Identity Provider.
+    "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+    "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+    "providerId": "A String", # The ID of the Identity Provider.
+    "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+    "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+  },
+  "localId": "A String", # The ID of the user. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). For requests from end-users, an ID token should be passed instead.
+  "mfa": { # Multi-factor authentication related information. # The multi-factor authentication related information to be set on the user's account. This will overwrite any previous multi-factor related information on the account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+    "enrollments": [ # The second factors the user has enrolled.
+      { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+        "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+        "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+        "mfaEnrollmentId": "A String", # ID of this MFA option.
+        "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+        "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+      },
+    ],
+  },
+  "oobCode": "A String", # The out-of-band code to be applied on the user's account. The following out-of-band code types are supported: * VERIFY_EMAIL * RECOVER_EMAIL * REVERT_SECOND_FACTOR_ADDITION * VERIFY_AND_CHANGE_EMAIL
+  "password": "A String", # The user's new password to be updated in the account's attributes. The password must be at least 6 characters long.
+  "phoneNumber": "A String", # The phone number to be updated in the account's attributes.
+  "photoUrl": "A String", # The user's new photo URL for the account's profile photo to be updated in the account's attributes. The length of the URL must be less than or equal to 2048 characters.
+  "provider": [ # The Identity Providers that the account should be associated with.
+    "A String",
+  ],
+  "returnSecureToken": True or False, # Whether or not to return an ID and refresh token. Should always be true.
+  "targetProjectId": "A String", # The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field.
+  "upgradeToFederatedLogin": True or False, # Whether the account should be restricted to only using federated login.
+  "validSince": "A String", # Specifies the minimum timestamp in seconds for an Identity Platform ID token to be considered valid.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SetAccountInfo
+  "displayName": "A String", # The account's display name.
+  "email": "A String", # The account's email address.
+  "emailVerified": True or False, # Whether the account's email has been verified.
+  "expiresIn": "A String", # The number of seconds until the Identity Platform ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the account. This is used for legacy user sign up.
+  "kind": "A String",
+  "localId": "A String", # The ID of the authenticated user.
+  "newEmail": "A String", # The new email that has been set on the user's account attributes.
+  "passwordHash": "A String", # Deprecated. No actual password hash is currently returned.
+  "photoUrl": "A String", # The user's photo URL for the account's profile photo.
+  "providerUserInfo": [ # The linked Identity Providers on the account.
+    { # Information about the user as provided by various Identity Providers.
+      "displayName": "A String", # The user's display name at the Identity Provider.
+      "email": "A String", # The user's email address at the Identity Provider.
+      "federatedId": "A String", # The user's identifier at the Identity Provider.
+      "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+      "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+      "providerId": "A String", # The ID of the Identity Provider.
+      "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+      "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+    },
+  ],
+  "refreshToken": "A String", # A refresh token for the account. This is used for legacy user sign up.
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v1.projects.html b/docs/dyn/identitytoolkit_v1.projects.html
new file mode 100644
index 00000000000..d8b81825ad9
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v1.projects.html
@@ -0,0 +1,218 @@
+
+
+
+
Identity Toolkit API . projects

+
Instance Methods

+

+  accounts()
+

+
Returns the accounts Resource.

+
+

+  tenants()
+

+
Returns the tenants Resource.

+
+

+  close()

+
Close httplib2 connections.

+

+  createSessionCookie(targetProjectId, body=None, x__xgafv=None)

+
Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.

+

+  queryAccounts(targetProjectId, body=None, x__xgafv=None)

+
Looks up user accounts within a project or a tenant based on conditions in the request.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    createSessionCookie(targetProjectId, body=None, x__xgafv=None)
+  
Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.
+
+Args:
+  targetProjectId: string, The ID of the project that the account belongs to. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CreateSessionCookie.
+  "idToken": "A String", # Required. A valid Identity Platform ID token.
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant the account belongs to.
+  "validDuration": "A String", # The number of seconds until the session cookie expires. Specify a duration in seconds, between five minutes and fourteen days, inclusively.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CreateSessionCookie.
+  "sessionCookie": "A String", # The session cookie that has been created from the Identity Platform ID token specified in the request. It is in the form of a JSON Web Token (JWT). Always present.
+}

+

+
+

+    queryAccounts(targetProjectId, body=None, x__xgafv=None)
+  
Looks up user accounts within a project or a tenant based on conditions in the request.
+
+Args:
+  targetProjectId: string, The ID of the project to which the result is scoped. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for QueryUserInfo.
+  "expression": [ # Query conditions used to filter results. If more than one is passed, only the first SqlExpression is evaluated.
+    { # Query conditions used to filter results.
+      "email": "A String", # A case insensitive string that the account's email should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
+      "phoneNumber": "A String", # A string that the account's phone number should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
+      "userId": "A String", # A string that the account's local ID should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression If more than one is specified, only the first (in that order) will be applied.
+    },
+  ],
+  "limit": "A String", # The maximum number of accounts to return with an upper limit of __500__. Defaults to _500_. Only valid when `return_user_info` is set to `true`.
+  "offset": "A String", # The number of accounts to skip from the beginning of matching records. Only valid when `return_user_info` is set to `true`.
+  "order": "A String", # The order for sorting query result. Defaults to __ascending__ order. Only valid when `return_user_info` is set to `true`.
+  "returnUserInfo": True or False, # If `true`, this request will return the accounts matching the query. If `false`, only the __count__ of accounts matching the query will be returned. Defaults to `true`.
+  "sortBy": "A String", # The field to use for sorting user accounts. Defaults to `USER_ID`. Note: when `phone_number` is specified in `expression`, the result ignores the sorting. Only valid when `return_user_info` is set to `true`.
+  "tenantId": "A String", # The ID of the tenant to which the result is scoped.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for QueryUserInfo.
+  "recordsCount": "A String", # If `return_user_info` in the request is true, this is the number of returned accounts in this message. Otherwise, this is the total number of accounts matching the query.
+  "userInfo": [ # If `return_user_info` in the request is true, this is the accounts matching the query.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v1.projects.tenants.accounts.html b/docs/dyn/identitytoolkit_v1.projects.tenants.accounts.html
new file mode 100644
index 00000000000..51fa04d325d
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v1.projects.tenants.accounts.html
@@ -0,0 +1,708 @@
+
+
+
+
Identity Toolkit API . projects . tenants . accounts

+
Instance Methods

+

+  batchCreate(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

+

+  batchDelete(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)

+

+  batchGet(targetProjectId, tenantId, delegatedProjectNumber=None, maxResults=None, nextPageToken=None, x__xgafv=None)

+
Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.

+

+  batchGet_next()

+
Retrieves the next page of results.

+

+  close()

+
Close httplib2 connections.

+

+  delete(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Deletes a user's account.

+

+  lookup(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.

+

+  query(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Looks up user accounts within a project or a tenant based on conditions in the request.

+

+  sendOobCode(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.

+

+  update(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.

+
Method Details

+

+    batchCreate(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+
+Args:
+  targetProjectId: string, The Project ID of the Identity Platform project which the account belongs to. (required)
+  tenantId: string, The ID of the Identity Platform tenant the account belongs to. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for UploadAccount.
+  "allowOverwrite": True or False, # Whether to overwrite an existing account in Identity Platform with a matching `local_id` in the request. If true, the existing account will be overwritten. If false, an error will be returned.
+  "argon2Parameters": { # The parameters for Argon2 hashing algorithm. # The parameters for Argon2 hashing algorithm.
+    "associatedData": "A String", # The additional associated data, if provided, is appended to the hash value to provide an additional layer of security. A base64-encoded string if specified via JSON.
+    "hashLengthBytes": 42, # Required. The desired hash length in bytes. Minimum is 4 and maximum is 1024.
+    "hashType": "A String", # Required. Must not be HASH_TYPE_UNSPECIFIED.
+    "iterations": 42, # Required. The number of iterations to perform. Minimum is 1, maximum is 16.
+    "memoryCostKib": 42, # Required. The memory cost in kibibytes. Maximum is 32768.
+    "parallelism": 42, # Required. The degree of parallelism, also called threads or lanes. Minimum is 1, maximum is 16.
+    "version": "A String", # The version of the Argon2 algorithm. This defaults to VERSION_13 if not specified.
+  },
+  "blockSize": 42, # The block size parameter used by the STANDARD_SCRYPT hashing function. This parameter, along with parallelization and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.
+  "cpuMemCost": 42, # The CPU memory cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with block_size and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.
+  "delegatedProjectNumber": "A String",
+  "dkLen": 42, # The desired key length for the STANDARD_SCRYPT hashing function. Must be at least 1.
+  "hashAlgorithm": "A String", # Required. The hashing function used to hash the account passwords. Must be one of the following: * HMAC_SHA256 * HMAC_SHA1 * HMAC_MD5 * SCRYPT * PBKDF_SHA1 * MD5 * HMAC_SHA512 * SHA1 * BCRYPT * PBKDF2_SHA256 * SHA256 * SHA512 * STANDARD_SCRYPT * ARGON2
+  "memoryCost": 42, # Memory cost for hash calculation. Only required when the hashing function is SCRYPT.
+  "parallelization": 42, # The parallelization cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with block_size and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.
+  "passwordHashOrder": "A String", # Password and salt order when verify password.
+  "rounds": 42, # The number of rounds used for hash calculation. Only required for the following hashing functions: * MD5 * SHA1 * SHA256 * SHA512 * PBKDF_SHA1 * PBKDF2_SHA256 * SCRYPT
+  "saltSeparator": "A String", # One or more bytes to be inserted between the salt and plain text password. For stronger security, this should be a single non-printable character.
+  "sanityCheck": True or False, # If true, the service will do the following list of checks before an account is uploaded: * Duplicate emails * Duplicate federated IDs * Federated ID provider validation If the duplication exists within the list of accounts to be uploaded, it will prevent the entire list from being uploaded. If the email or federated ID is a duplicate of a user already within the project/tenant, the account will not be uploaded, but the rest of the accounts will be unaffected. If false, these checks will be skipped.
+  "signerKey": "A String", # The signer key used to hash the password. Required for the following hashing functions: * SCRYPT, * HMAC_MD5, * HMAC_SHA1, * HMAC_SHA256, * HMAC_SHA512
+  "tenantId": "A String", # The ID of the Identity Platform tenant the account belongs to.
+  "users": [ # A list of accounts to upload. `local_id` is required for each user; everything else is optional.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for UploadAccount.
+  "error": [ # Detailed error info for accounts that cannot be uploaded.
+    { # Error information explaining why an account cannot be uploaded. batch upload.
+      "index": 42, # The index of the item, range is [0, request.size - 1]
+      "message": "A String", # Detailed error message
+    },
+  ],
+  "kind": "A String",
+}

+

+
+

+    batchDelete(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)
+
+Args:
+  targetProjectId: string, If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that accounts belong to. (required)
+  tenantId: string, If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to an default Identity Platform project, the field is not needed. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for BatchDeleteAccounts.
+  "force": True or False, # Whether to force deleting accounts that are not in disabled state. If false, only disabled accounts will be deleted, and accounts that are not disabled will be added to the `errors`.
+  "localIds": [ # Required. List of user IDs to be deleted.
+    "A String",
+  ],
+  "tenantId": "A String", # If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to an default Identity Platform project, the field is not needed.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message to BatchDeleteAccounts.
+  "errors": [ # Detailed error info for accounts that cannot be deleted.
+    { # Error info for account failed to be deleted.
+      "index": 42, # The index of the errored item in the original local_ids field.
+      "localId": "A String", # The corresponding user ID.
+      "message": "A String", # Detailed error message.
+    },
+  ],
+}

+

+
+

+    batchGet(targetProjectId, tenantId, delegatedProjectNumber=None, maxResults=None, nextPageToken=None, x__xgafv=None)
+  
Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.
+
+Args:
+  targetProjectId: string, If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that the accounts belong to. (required)
+  tenantId: string, The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned. (required)
+  delegatedProjectNumber: string, A parameter
+  maxResults: integer, The maximum number of results to return. Must be at least 1 and no greater than 1000. By default, it is 20.
+  nextPageToken: string, The pagination token from the response of a previous request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for DownloadAccount.
+  "kind": "A String",
+  "nextPageToken": "A String", # If there are more accounts to be downloaded, a token that can be passed back to DownloadAccount to get more accounts. Otherwise, this is blank.
+  "users": [ # All accounts belonging to the project/tenant limited by max_results in the request.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+

+    batchGet_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    close()
+  
Close httplib2 connections.

+

+
+

+    delete(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Deletes a user's account.
+
+Args:
+  targetProjectId: string, The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account. (required)
+  tenantId: string, The ID of the tenant that the account belongs to, if applicable. Only require to be specified for authenticated requests bearing a Google OAuth 2.0 credential that specify local_id of an account that belongs to an Identity Platform tenant. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for DeleteAccount.
+  "delegatedProjectNumber": "A String",
+  "idToken": "A String", # The Identity Platform ID token of the account to delete. Require to be specified for requests from end users that lack Google OAuth 2.0 credential. Authenticated requests bearing a Google OAuth2 credential with proper permissions may pass local_id to specify the account to delete alternatively.
+  "localId": "A String", # The ID of user account to delete. Specifying this field requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). Requests from users lacking the credential should pass an ID token instead.
+  "targetProjectId": "A String", # The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.
+  "tenantId": "A String", # The ID of the tenant that the account belongs to, if applicable. Only require to be specified for authenticated requests bearing a Google OAuth 2.0 credential that specify local_id of an account that belongs to an Identity Platform tenant.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for DeleteAccount.
+  "kind": "A String",
+}

+

+
+

+    lookup(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.
+
+Args:
+  targetProjectId: string, The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). (required)
+  tenantId: string, The ID of the tenant that the account belongs to. Should only be specified by authenticated requests from a developer. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for GetAccountInfo.
+  "delegatedProjectNumber": "A String",
+  "email": [ # The email address of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.
+    "A String",
+  ],
+  "federatedUserId": [ # The federated user identifier of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+    { # Federated user identifier at an Identity Provider.
+      "providerId": "A String", # The ID of supported identity providers. This should be a provider ID enabled for sign-in, which is either from the list of [default supported IdPs](https://cloud.google.com/identity-platform/docs/reference/rest/v2/defaultSupportedIdps/list), or of the format `oidc.*` or `saml.*`. Some examples are `google.com`, `facebook.com`, `oidc.testapp`, and `saml.testapp`.
+      "rawId": "A String", # The user ID of the account at the third-party Identity Provider specified by `provider_id`.
+    },
+  ],
+  "idToken": "A String", # The Identity Platform ID token of the account to fetch. Require to be specified for requests from end users.
+  "initialEmail": [ # The initial email of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.
+    "A String",
+  ],
+  "localId": [ # The ID of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+    "A String",
+  ],
+  "phoneNumber": [ # The phone number of one or more accounts to fetch. Should only be specified by authenticated requests from a developer and should be in E.164 format, for example, +15555555555.
+    "A String",
+  ],
+  "targetProjectId": "A String", # The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "tenantId": "A String", # The ID of the tenant that the account belongs to. Should only be specified by authenticated requests from a developer.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetAccountInfo.
+  "kind": "A String",
+  "users": [ # The information of specific user account(s) matching the parameters in the request.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+

+    query(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Looks up user accounts within a project or a tenant based on conditions in the request.
+
+Args:
+  targetProjectId: string, The ID of the project to which the result is scoped. (required)
+  tenantId: string, The ID of the tenant to which the result is scoped. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for QueryUserInfo.
+  "expression": [ # Query conditions used to filter results. If more than one is passed, only the first SqlExpression is evaluated.
+    { # Query conditions used to filter results.
+      "email": "A String", # A case insensitive string that the account's email should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
+      "phoneNumber": "A String", # A string that the account's phone number should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
+      "userId": "A String", # A string that the account's local ID should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression If more than one is specified, only the first (in that order) will be applied.
+    },
+  ],
+  "limit": "A String", # The maximum number of accounts to return with an upper limit of __500__. Defaults to _500_. Only valid when `return_user_info` is set to `true`.
+  "offset": "A String", # The number of accounts to skip from the beginning of matching records. Only valid when `return_user_info` is set to `true`.
+  "order": "A String", # The order for sorting query result. Defaults to __ascending__ order. Only valid when `return_user_info` is set to `true`.
+  "returnUserInfo": True or False, # If `true`, this request will return the accounts matching the query. If `false`, only the __count__ of accounts matching the query will be returned. Defaults to `true`.
+  "sortBy": "A String", # The field to use for sorting user accounts. Defaults to `USER_ID`. Note: when `phone_number` is specified in `expression`, the result ignores the sorting. Only valid when `return_user_info` is set to `true`.
+  "tenantId": "A String", # The ID of the tenant to which the result is scoped.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for QueryUserInfo.
+  "recordsCount": "A String", # If `return_user_info` in the request is true, this is the number of returned accounts in this message. Otherwise, this is the total number of accounts matching the query.
+  "userInfo": [ # If `return_user_info` in the request is true, this is the accounts matching the query.
+    { # An Identity Platform account's information.
+      "createdAt": "A String", # The time, in milliseconds from epoch, when the account was created.
+      "customAttributes": "A String", # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
+      "customAuth": True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
+      "dateOfBirth": "A String", # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "disabled": True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
+      "displayName": "A String", # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "email": "A String", # The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "emailLinkSignin": True or False, # Output only. Whether the account can authenticate with email link.
+      "emailVerified": True or False, # Whether the account's email address has been verified.
+      "initialEmail": "A String", # The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
+      "language": "A String", # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "lastLoginAt": "A String", # The last time, in milliseconds from epoch, this account was logged into.
+      "lastRefreshAt": "A String", # Timestamp when an ID token was last minted for this account.
+      "localId": "A String", # Immutable. The unique ID of the account.
+      "mfaInfo": [ # Information on which multi-factor authentication providers are enabled for this account.
+        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+          "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+          "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+          "mfaEnrollmentId": "A String", # ID of this MFA option.
+          "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+          "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+        },
+      ],
+      "passwordHash": "A String", # The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+      "passwordUpdatedAt": 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.
+      "phoneNumber": "A String", # The account's phone number.
+      "photoUrl": "A String", # The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "providerUserInfo": [ # Information about the user as provided by various Identity Providers.
+        { # Information about the user as provided by various Identity Providers.
+          "displayName": "A String", # The user's display name at the Identity Provider.
+          "email": "A String", # The user's email address at the Identity Provider.
+          "federatedId": "A String", # The user's identifier at the Identity Provider.
+          "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+          "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+          "providerId": "A String", # The ID of the Identity Provider.
+          "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+          "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+        },
+      ],
+      "rawPassword": "A String", # Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.
+      "salt": "A String", # The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+      "screenName": "A String", # Output only. This account's screen name at Twitter or login name at GitHub.
+      "tenantId": "A String", # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
+      "timeZone": "A String", # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
+      "validSince": "A String", # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
+      "version": 42, # The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
+    },
+  ],
+}

+

+
+

+    sendOobCode(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.
+
+Args:
+  targetProjectId: string, The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). (required)
+  tenantId: string, The tenant ID of the Identity Platform tenant the account belongs to. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for GetOobCode.
+  "androidInstallApp": True or False, # If an associated android app can handle the OOB code, whether or not to install the android app on the device where the link is opened if the app is not already installed.
+  "androidMinimumVersion": "A String", # If an associated android app can handle the OOB code, the minimum version of the app. If the version on the device is lower than this version then the user is taken to Google Play Store to upgrade the app.
+  "androidPackageName": "A String", # If an associated android app can handle the OOB code, the Android package name of the android app that will handle the callback when this OOB code is used. This will allow the correct app to open if it is already installed, or allow Google Play Store to open to the correct app if it is not yet installed.
+  "canHandleCodeInApp": True or False, # When set to true, the OOB code link will be be sent as a Universal Link or an Android App Link and will be opened by the corresponding app if installed. If not set, or set to false, the OOB code will be sent to the web widget first and then on continue will redirect to the app if installed.
+  "captchaResp": "A String", # For a PASSWORD_RESET request, a reCaptcha response is required when the system detects possible abuse activity. In those cases, this is the response from the reCaptcha challenge used to verify the caller.
+  "challenge": "A String",
+  "continueUrl": "A String", # The Url to continue after user clicks the link sent in email. This is the url that will allow the web widget to handle the OOB code.
+  "dynamicLinkDomain": "A String", # In order to ensure that the url used can be easily opened up in iOS or android, we create a [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links). Most Identity Platform projects will only have one Dynamic Link domain enabled, and can leave this field blank. This field contains a specified Dynamic Link domain for projects that have multiple enabled.
+  "email": "A String", # The account's email address to send the OOB code to, and generally the email address of the account that needs to be updated. Required for PASSWORD_RESET, EMAIL_SIGNIN, and VERIFY_EMAIL. Only required for VERIFY_AND_CHANGE_EMAIL requests when return_oob_link is set to true. In this case, it is the original email of the user.
+  "iOSAppStoreId": "A String", # If an associated iOS app can handle the OOB code, the App Store id of this app. This will allow App Store to open to the correct app if the app is not yet installed.
+  "iOSBundleId": "A String", # If an associated iOS app can handle the OOB code, the iOS bundle id of this app. This will allow the correct app to open if it is already installed.
+  "idToken": "A String", # An ID token for the account. It is required for VERIFY_AND_CHANGE_EMAIL and VERIFY_EMAIL requests unless return_oob_link is set to true.
+  "newEmail": "A String", # The email address the account is being updated to. Required only for VERIFY_AND_CHANGE_EMAIL requests.
+  "requestType": "A String", # Required. The type of out-of-band (OOB) code to send. Depending on this value, other fields in this request will be required and/or have different meanings. There are 4 different OOB codes that can be sent: * PASSWORD_RESET * EMAIL_SIGNIN * VERIFY_EMAIL * VERIFY_AND_CHANGE_EMAIL
+  "returnOobLink": True or False, # Whether the confirmation link containing the OOB code should be returned in the response (no email is sent). Used when a developer wants to construct the email template and send it on their own. By default this is false; to specify this field, and to set it to true, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control)
+  "targetProjectId": "A String", # The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant the account belongs to.
+  "userIp": "A String", # The IP address of the caller. Required only for PASSWORD_RESET requests.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetOobCode.
+  "email": "A String", # If return_oob_link is false in the request, the email address the verification was sent to.
+  "kind": "A String",
+  "oobCode": "A String", # If return_oob_link is true in the request, the OOB code to send.
+  "oobLink": "A String", # If return_oob_link is true in the request, the OOB link to be sent to the user. This returns the constructed link including [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links) related parameters.
+}

+

+
+

+    update(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.
+
+Args:
+  targetProjectId: string, The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead. (required)
+  tenantId: string, The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for SetAccountInfo.
+  "captchaChallenge": "A String",
+  "captchaResponse": "A String", # The response from reCaptcha challenge. This is required when the system detects possible abuse activities.
+  "createdAt": "A String", # The timestamp in milliseconds when the account was created.
+  "customAttributes": "A String", # JSON formatted custom attributes to be stored in the Identity Platform ID token. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+  "delegatedProjectNumber": "A String",
+  "deleteAttribute": [ # The account's attributes to be deleted.
+    "A String",
+  ],
+  "deleteProvider": [ # The Identity Providers to unlink from the user's account.
+    "A String",
+  ],
+  "disableUser": True or False, # If true, marks the account as disabled, meaning the user will no longer be able to sign-in.
+  "displayName": "A String", # The user's new display name to be updated in the account's attributes. The length of the display name must be less than or equal to 256 characters.
+  "email": "A String", # The user's new email to be updated in the account's attributes. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.
+  "emailVerified": True or False, # Whether the user's email has been verified. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+  "idToken": "A String", # A valid Identity Platform ID token. Required when attempting to change user-related information.
+  "instanceId": "A String",
+  "lastLoginAt": "A String", # The timestamp in milliseconds when the account last logged in.
+  "linkProviderUserInfo": { # Information about the user as provided by various Identity Providers. # The provider to be linked to the user's account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+    "displayName": "A String", # The user's display name at the Identity Provider.
+    "email": "A String", # The user's email address at the Identity Provider.
+    "federatedId": "A String", # The user's identifier at the Identity Provider.
+    "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+    "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+    "providerId": "A String", # The ID of the Identity Provider.
+    "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+    "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+  },
+  "localId": "A String", # The ID of the user. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). For requests from end-users, an ID token should be passed instead.
+  "mfa": { # Multi-factor authentication related information. # The multi-factor authentication related information to be set on the user's account. This will overwrite any previous multi-factor related information on the account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).
+    "enrollments": [ # The second factors the user has enrolled.
+      { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
+        "displayName": "A String", # Display name for this mfa option e.g. "corp cell phone".
+        "enrolledAt": "A String", # Timestamp when the account enrolled this second factor.
+        "mfaEnrollmentId": "A String", # ID of this MFA option.
+        "phoneInfo": "A String", # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
+        "unobfuscatedPhoneInfo": "A String", # Output only. Unobfuscated phone_info.
+      },
+    ],
+  },
+  "oobCode": "A String", # The out-of-band code to be applied on the user's account. The following out-of-band code types are supported: * VERIFY_EMAIL * RECOVER_EMAIL * REVERT_SECOND_FACTOR_ADDITION * VERIFY_AND_CHANGE_EMAIL
+  "password": "A String", # The user's new password to be updated in the account's attributes. The password must be at least 6 characters long.
+  "phoneNumber": "A String", # The phone number to be updated in the account's attributes.
+  "photoUrl": "A String", # The user's new photo URL for the account's profile photo to be updated in the account's attributes. The length of the URL must be less than or equal to 2048 characters.
+  "provider": [ # The Identity Providers that the account should be associated with.
+    "A String",
+  ],
+  "returnSecureToken": True or False, # Whether or not to return an ID and refresh token. Should always be true.
+  "targetProjectId": "A String", # The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field.
+  "upgradeToFederatedLogin": True or False, # Whether the account should be restricted to only using federated login.
+  "validSince": "A String", # Specifies the minimum timestamp in seconds for an Identity Platform ID token to be considered valid.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for SetAccountInfo
+  "displayName": "A String", # The account's display name.
+  "email": "A String", # The account's email address.
+  "emailVerified": True or False, # Whether the account's email has been verified.
+  "expiresIn": "A String", # The number of seconds until the Identity Platform ID token expires.
+  "idToken": "A String", # An Identity Platform ID token for the account. This is used for legacy user sign up.
+  "kind": "A String",
+  "localId": "A String", # The ID of the authenticated user.
+  "newEmail": "A String", # The new email that has been set on the user's account attributes.
+  "passwordHash": "A String", # Deprecated. No actual password hash is currently returned.
+  "photoUrl": "A String", # The user's photo URL for the account's profile photo.
+  "providerUserInfo": [ # The linked Identity Providers on the account.
+    { # Information about the user as provided by various Identity Providers.
+      "displayName": "A String", # The user's display name at the Identity Provider.
+      "email": "A String", # The user's email address at the Identity Provider.
+      "federatedId": "A String", # The user's identifier at the Identity Provider.
+      "phoneNumber": "A String", # The user's phone number at the Identity Provider.
+      "photoUrl": "A String", # The user's profile photo URL at the Identity Provider.
+      "providerId": "A String", # The ID of the Identity Provider.
+      "rawId": "A String", # The user's raw identifier directly returned from Identity Provider.
+      "screenName": "A String", # The user's screen_name at Twitter or login name at GitHub.
+    },
+  ],
+  "refreshToken": "A String", # A refresh token for the account. This is used for legacy user sign up.
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v1.projects.tenants.html b/docs/dyn/identitytoolkit_v1.projects.tenants.html
new file mode 100644
index 00000000000..3e7d182da90
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v1.projects.tenants.html
@@ -0,0 +1,123 @@
+
+
+
+
Identity Toolkit API . projects . tenants

+
Instance Methods

+

+  accounts()
+

+
Returns the accounts Resource.

+
+

+  close()

+
Close httplib2 connections.

+

+  createSessionCookie(targetProjectId, tenantId, body=None, x__xgafv=None)

+
Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    createSessionCookie(targetProjectId, tenantId, body=None, x__xgafv=None)
+  
Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.
+
+Args:
+  targetProjectId: string, The ID of the project that the account belongs to. (required)
+  tenantId: string, The tenant ID of the Identity Platform tenant the account belongs to. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CreateSessionCookie.
+  "idToken": "A String", # Required. A valid Identity Platform ID token.
+  "tenantId": "A String", # The tenant ID of the Identity Platform tenant the account belongs to.
+  "validDuration": "A String", # The number of seconds until the session cookie expires. Specify a duration in seconds, between five minutes and fourteen days, inclusively.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CreateSessionCookie.
+  "sessionCookie": "A String", # The session cookie that has been created from the Identity Platform ID token specified in the request. It is in the form of a JSON Web Token (JWT). Always present.
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v1.v1.html b/docs/dyn/identitytoolkit_v1.v1.html
new file mode 100644
index 00000000000..4c9be2deb6b
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v1.v1.html
@@ -0,0 +1,269 @@
+
+
+
+
Identity Toolkit API . v1

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  getProjects(androidPackageName=None, clientId=None, delegatedProjectNumber=None, firebaseAppId=None, iosBundleId=None, projectNumber=None, returnDynamicLink=None, sha1Cert=None, x__xgafv=None)

+
Gets a project's public Identity Toolkit configuration. (Legacy) This method also supports authenticated calls from a developer to retrieve non-public configuration.

+

+  getPublicKeys(x__xgafv=None)

+
Retrieves public keys of the legacy Identity Toolkit token signer to enable third parties to verify the legacy ID token. For now the X509 pem cert is the only format supported.

+

+  getRecaptchaParams(x__xgafv=None)

+
Gets parameters needed for generating a reCAPTCHA challenge.

+

+  getSessionCookiePublicKeys(x__xgafv=None)

+
Retrieves the set of public keys of the session cookie JSON Web Token (JWT) signer that can be used to validate the session cookie created through createSessionCookie.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    getProjects(androidPackageName=None, clientId=None, delegatedProjectNumber=None, firebaseAppId=None, iosBundleId=None, projectNumber=None, returnDynamicLink=None, sha1Cert=None, x__xgafv=None)
+  
Gets a project's public Identity Toolkit configuration. (Legacy) This method also supports authenticated calls from a developer to retrieve non-public configuration.
+
+Args:
+  androidPackageName: string, Android package name to check against the real android package name. If this field is provided, and sha1_cert_hash is not provided, the action will throw an error if this does not match the real android package name.
+  clientId: string, The RP OAuth client ID. If set, a check will be performed to ensure that the OAuth client is valid for the retrieved project and the request rejected with a client error if not valid.
+  delegatedProjectNumber: string, Project Number of the delegated project request. This field should only be used as part of the Firebase V1 migration.
+  firebaseAppId: string, The Firebase app ID, for applications that use Firebase. This can be found in the Firebase console for your project. If set, a check will be performed to ensure that the app ID is valid for the retrieved project. If not valid, the request will be rejected with a client error.
+  iosBundleId: string, iOS bundle id to check against the real ios bundle id. If this field is provided, the action will throw an error if this does not match the real iOS bundle id.
+  projectNumber: string, Project number of the configuration to retrieve. This field is deprecated and should not be used by new integrations.
+  returnDynamicLink: boolean, Whether dynamic link should be returned.
+  sha1Cert: string, SHA-1 Android application cert hash. If set, a check will be performed to ensure that the cert hash is valid for the retrieved project and android_package_name.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetProjectConfig.
+  "allowPasswordUser": True or False, # Whether to allow password account sign up. This field is only returned for authenticated calls from a developer.
+  "apiKey": "A String", # Google Cloud API key. This field is only returned for authenticated calls from a developer.
+  "authorizedDomains": [ # Authorized domains for widget redirect.
+    "A String",
+  ],
+  "changeEmailTemplate": { # Email template # Email template for change email. This field is only returned for authenticated calls from a developer.
+    "body": "A String", # Email body
+    "customized": True or False, # Whether the body or subject of the email is customized.
+    "disabled": True or False, # Whether the template is disabled. If true, a default template will be used.
+    "format": "A String", # Email body format
+    "from": "A String", # From address of the email
+    "fromDisplayName": "A String", # From display name
+    "fromLocalPart": "A String", # Local part of From address
+    "locale": "A String", # Value is in III language code format (e.g. "zh-CN", "es"). Both '-' and '_' separators are accepted.
+    "replyTo": "A String", # Reply-to address
+    "subject": "A String", # Subject of the email
+  },
+  "dynamicLinksDomain": "A String", # The Firebase Dynamic Links domain used to construct links for redirects to native apps.
+  "enableAnonymousUser": True or False, # Whether anonymous user is enabled. This field is only returned for authenticated calls from a developer.
+  "idpConfig": [ # OAuth2 provider config. This field is only returned for authenticated calls from a developer.
+    { # Config of an identity provider.
+      "clientId": "A String", # OAuth2 client ID.
+      "enabled": True or False, # True if allows the user to sign in with the provider.
+      "experimentPercent": 42, # Percent of users who will be prompted/redirected federated login for this IdP
+      "provider": "A String", # Name of the identity provider.
+      "secret": "A String", # OAuth2 client secret.
+      "whitelistedAudiences": [ # Whitelisted client IDs for audience check.
+        "A String",
+      ],
+    },
+  ],
+  "legacyResetPasswordTemplate": { # Email template # Reset password email template for legacy Firebase V1 app. This field is only returned for authenticated calls from a developer.
+    "body": "A String", # Email body
+    "customized": True or False, # Whether the body or subject of the email is customized.
+    "disabled": True or False, # Whether the template is disabled. If true, a default template will be used.
+    "format": "A String", # Email body format
+    "from": "A String", # From address of the email
+    "fromDisplayName": "A String", # From display name
+    "fromLocalPart": "A String", # Local part of From address
+    "locale": "A String", # Value is in III language code format (e.g. "zh-CN", "es"). Both '-' and '_' separators are accepted.
+    "replyTo": "A String", # Reply-to address
+    "subject": "A String", # Subject of the email
+  },
+  "projectId": "A String", # The project id of the retrieved configuration.
+  "resetPasswordTemplate": { # Email template # Email template for reset password. This field is only returned for authenticated calls from a developer.
+    "body": "A String", # Email body
+    "customized": True or False, # Whether the body or subject of the email is customized.
+    "disabled": True or False, # Whether the template is disabled. If true, a default template will be used.
+    "format": "A String", # Email body format
+    "from": "A String", # From address of the email
+    "fromDisplayName": "A String", # From display name
+    "fromLocalPart": "A String", # Local part of From address
+    "locale": "A String", # Value is in III language code format (e.g. "zh-CN", "es"). Both '-' and '_' separators are accepted.
+    "replyTo": "A String", # Reply-to address
+    "subject": "A String", # Subject of the email
+  },
+  "revertSecondFactorAdditionTemplate": { # Email template # Email template for reverting second factor additions. This field is only returned for authenticated calls from a developer.
+    "body": "A String", # Email body
+    "customized": True or False, # Whether the body or subject of the email is customized.
+    "disabled": True or False, # Whether the template is disabled. If true, a default template will be used.
+    "format": "A String", # Email body format
+    "from": "A String", # From address of the email
+    "fromDisplayName": "A String", # From display name
+    "fromLocalPart": "A String", # Local part of From address
+    "locale": "A String", # Value is in III language code format (e.g. "zh-CN", "es"). Both '-' and '_' separators are accepted.
+    "replyTo": "A String", # Reply-to address
+    "subject": "A String", # Subject of the email
+  },
+  "useEmailSending": True or False, # Whether to use email sending. This field is only returned for authenticated calls from a developer.
+  "verifyEmailTemplate": { # Email template # Email template for verify email. This field is only returned for authenticated calls from a developer.
+    "body": "A String", # Email body
+    "customized": True or False, # Whether the body or subject of the email is customized.
+    "disabled": True or False, # Whether the template is disabled. If true, a default template will be used.
+    "format": "A String", # Email body format
+    "from": "A String", # From address of the email
+    "fromDisplayName": "A String", # From display name
+    "fromLocalPart": "A String", # Local part of From address
+    "locale": "A String", # Value is in III language code format (e.g. "zh-CN", "es"). Both '-' and '_' separators are accepted.
+    "replyTo": "A String", # Reply-to address
+    "subject": "A String", # Subject of the email
+  },
+}

+

+
+

+    getPublicKeys(x__xgafv=None)
+  
Retrieves public keys of the legacy Identity Toolkit token signer to enable third parties to verify the legacy ID token. For now the X509 pem cert is the only format supported.
+
+Args:
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    {
+  "a_key": "", # Properties of the object.
+}

+

+
+

+    getRecaptchaParams(x__xgafv=None)
+  
Gets parameters needed for generating a reCAPTCHA challenge.
+
+Args:
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetRecaptchaParam.
+  "kind": "A String",
+  "recaptchaSiteKey": "A String", # The reCAPTCHA v2 site key used to invoke the reCAPTCHA service. Always present.
+  "recaptchaStoken": "A String",
+}

+

+
+

+    getSessionCookiePublicKeys(x__xgafv=None)
+  
Retrieves the set of public keys of the session cookie JSON Web Token (JWT) signer that can be used to validate the session cookie created through createSessionCookie.
+
+Args:
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for GetSessionCookiePublicKeys.
+  "keys": [ # Public keys of the session cookie signer, formatted as [JSON Web Keys (JWK)](https://tools.ietf.org/html/rfc7517).
+    { # Represents a public key of the session cookie signer, formatted as a [JSON Web Key (JWK)](https://tools.ietf.org/html/rfc7517).
+      "alg": "A String", # Signature algorithm.
+      "e": "A String", # Exponent for the RSA public key, it is represented as the base64url encoding of the value's big endian representation.
+      "kid": "A String", # Unique string to identify this key.
+      "kty": "A String", # Key type.
+      "n": "A String", # Modulus for the RSA public key, it is represented as the base64url encoding of the value's big endian representation.
+      "use": "A String", # Key use.
+    },
+  ],
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.accounts.html b/docs/dyn/identitytoolkit_v2.accounts.html
new file mode 100644
index 00000000000..3240605cc04
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.accounts.html
@@ -0,0 +1,96 @@
+
+
+
+
Identity Toolkit API . accounts

+
Instance Methods

+

+  mfaEnrollment()
+

+
Returns the mfaEnrollment Resource.

+
+

+  mfaSignIn()
+

+
Returns the mfaSignIn Resource.

+
+

+  close()

+
Close httplib2 connections.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.accounts.mfaEnrollment.html b/docs/dyn/identitytoolkit_v2.accounts.mfaEnrollment.html
new file mode 100644
index 00000000000..bce80730d16
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.accounts.mfaEnrollment.html
@@ -0,0 +1,200 @@
+
+
+
+
Identity Toolkit API . accounts . mfaEnrollment

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  finalize(body=None, x__xgafv=None)

+
Finishes enrolling a second factor for the user.

+

+  start(body=None, x__xgafv=None)

+
Step one of the MFA enrollment process. In SMS case, this sends an SMS verification code to the user.

+

+  withdraw(body=None, x__xgafv=None)

+
Revokes one second factor from the enrolled second factors for an account.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    finalize(body=None, x__xgafv=None)
+  
Finishes enrolling a second factor for the user.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Finishes enrolling a second factor for the user.
+  "displayName": "A String", # Display name which is entered by users to distinguish between different second factors with same type or different type.
+  "idToken": "A String", # Required. ID token.
+  "phoneVerificationInfo": { # Phone Verification info for a FinalizeMfa request. # Verification info to authorize sending an SMS for phone verification.
+    "androidVerificationProof": "A String", # Android only. Uses for "instant" phone number verification though GmsCore.
+    "code": "A String", # User-entered verification code.
+    "phoneNumber": "A String", # Required if Android verification proof is presented.
+    "sessionInfo": "A String", # An opaque string that represents the enrollment session.
+  },
+  "tenantId": "A String", # The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # FinalizeMfaEnrollment response.
+  "idToken": "A String", # ID token updated to reflect MFA enrollment.
+  "phoneAuthInfo": { # Phone Verification info for a FinalizeMfa response. # Auxiliary auth info specific to phone auth.
+    "androidVerificationProof": "A String", # Android only. Long-lived replacement for valid code tied to android device.
+    "androidVerificationProofExpireTime": "A String", # Android only. Expiration time of verification proof in seconds.
+    "phoneNumber": "A String", # For Android verification proof.
+  },
+  "refreshToken": "A String", # Refresh token updated to reflect MFA enrollment.
+}

+

+
+

+    start(body=None, x__xgafv=None)
+  
Step one of the MFA enrollment process. In SMS case, this sends an SMS verification code to the user.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Sends MFA enrollment verification SMS for a user.
+  "idToken": "A String", # Required. User's ID token.
+  "phoneEnrollmentInfo": { # App Verification info for a StartMfa request. # Verification info to authorize sending an SMS for phone verification.
+    "autoRetrievalInfo": { # The information required to auto-retrieve an SMS. # Android only. Used by Google Play Services to identify the app for auto-retrieval.
+      "appSignatureHash": "A String", # The Android app's signature hash for Google Play Service's SMS Retriever API.
+    },
+    "iosReceipt": "A String", # iOS only. Receipt of successful app token validation with APNS.
+    "iosSecret": "A String", # iOS only. Secret delivered to iOS app via APNS.
+    "phoneNumber": "A String", # Required for enrollment. Phone number to be enrolled as MFA.
+    "recaptchaToken": "A String", # Web only. Recaptcha solution.
+    "safetyNetToken": "A String", # Android only. Used to assert application identity in place of a recaptcha token. A SafetyNet Token can be generated via the [SafetyNet Android Attestation API](https://developer.android.com/training/safetynet/attestation.html), with the Base64 encoding of the `phone_number` field as the nonce.
+  },
+  "tenantId": "A String", # The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # StartMfaEnrollment response.
+  "phoneSessionInfo": { # Phone Verification info for a StartMfa response. # Verification info to authorize sending an SMS for phone verification.
+    "sessionInfo": "A String", # An opaque string that represents the enrollment session.
+  },
+}

+

+
+

+    withdraw(body=None, x__xgafv=None)
+  
Revokes one second factor from the enrolled second factors for an account.
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Withdraws MFA.
+  "idToken": "A String", # Required. User's ID token.
+  "mfaEnrollmentId": "A String", # Required. MFA enrollment id from a current MFA enrollment.
+  "tenantId": "A String", # The ID of the Identity Platform tenant that the user unenrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Withdraws MultiFactorAuth response.
+  "idToken": "A String", # ID token updated to reflect removal of the second factor.
+  "refreshToken": "A String", # Refresh token updated to reflect removal of the second factor.
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.accounts.mfaSignIn.html b/docs/dyn/identitytoolkit_v2.accounts.mfaSignIn.html
new file mode 100644
index 00000000000..7454ed9501d
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.accounts.mfaSignIn.html
@@ -0,0 +1,169 @@
+
+
+
+
Identity Toolkit API . accounts . mfaSignIn

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  finalize(body=None, x__xgafv=None)

+
Verifies the MFA challenge and performs sign-in

+

+  start(body=None, x__xgafv=None)

+
Sends the MFA challenge

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    finalize(body=None, x__xgafv=None)
+  
Verifies the MFA challenge and performs sign-in
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Finalizes sign-in by verifying MFA challenge.
+  "mfaPendingCredential": "A String", # Required. Pending credential from first factor sign-in.
+  "phoneVerificationInfo": { # Phone Verification info for a FinalizeMfa request. # Proof of completion of the SMS based MFA challenge.
+    "androidVerificationProof": "A String", # Android only. Uses for "instant" phone number verification though GmsCore.
+    "code": "A String", # User-entered verification code.
+    "phoneNumber": "A String", # Required if Android verification proof is presented.
+    "sessionInfo": "A String", # An opaque string that represents the enrollment session.
+  },
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # FinalizeMfaSignIn response.
+  "idToken": "A String", # ID token for the authenticated user.
+  "phoneAuthInfo": { # Phone Verification info for a FinalizeMfa response. # Extra phone auth info, including android verification proof.
+    "androidVerificationProof": "A String", # Android only. Long-lived replacement for valid code tied to android device.
+    "androidVerificationProofExpireTime": "A String", # Android only. Expiration time of verification proof in seconds.
+    "phoneNumber": "A String", # For Android verification proof.
+  },
+  "refreshToken": "A String", # Refresh token for the authenticated user.
+}

+

+
+

+    start(body=None, x__xgafv=None)
+  
Sends the MFA challenge
+
+Args:
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Starts multi-factor sign-in by sending the multi-factor auth challenge.
+  "mfaEnrollmentId": "A String", # Required. MFA enrollment id from the user's list of current MFA enrollments.
+  "mfaPendingCredential": "A String", # Required. Pending credential from first factor sign-in.
+  "phoneSignInInfo": { # App Verification info for a StartMfa request. # Verification info to authorize sending an SMS for phone verification.
+    "autoRetrievalInfo": { # The information required to auto-retrieve an SMS. # Android only. Used by Google Play Services to identify the app for auto-retrieval.
+      "appSignatureHash": "A String", # The Android app's signature hash for Google Play Service's SMS Retriever API.
+    },
+    "iosReceipt": "A String", # iOS only. Receipt of successful app token validation with APNS.
+    "iosSecret": "A String", # iOS only. Secret delivered to iOS app via APNS.
+    "phoneNumber": "A String", # Required for enrollment. Phone number to be enrolled as MFA.
+    "recaptchaToken": "A String", # Web only. Recaptcha solution.
+    "safetyNetToken": "A String", # Android only. Used to assert application identity in place of a recaptcha token. A SafetyNet Token can be generated via the [SafetyNet Android Attestation API](https://developer.android.com/training/safetynet/attestation.html), with the Base64 encoding of the `phone_number` field as the nonce.
+  },
+  "tenantId": "A String", # The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # StartMfaSignIn response.
+  "phoneResponseInfo": { # Phone Verification info for a StartMfa response. # MultiFactor sign-in session information specific to SMS-type second factors. Along with the one-time code retrieved from the sent SMS, the contents of this session information should be passed to FinalizeMfaSignIn to complete the sign in.
+    "sessionInfo": "A String", # An opaque string that represents the enrollment session.
+  },
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.defaultSupportedIdps.html b/docs/dyn/identitytoolkit_v2.defaultSupportedIdps.html
new file mode 100644
index 00000000000..6694c80dbf0
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.defaultSupportedIdps.html
@@ -0,0 +1,132 @@
+
+
+
+
Identity Toolkit API . defaultSupportedIdps

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  list(pageSize=None, pageToken=None, x__xgafv=None)

+
List all default supported Idps.

+

+  list_next()

+
Retrieves the next page of results.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    list(pageSize=None, pageToken=None, x__xgafv=None)
+  
List all default supported Idps.
+
+Args:
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value returned from a previous List request, if any.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for ListDefaultSupportedIdps
+  "defaultSupportedIdps": [ # The set of configs.
+    { # Standard Identity Toolkit-trusted IDPs.
+      "description": "A String", # Description of the Idp
+      "idpId": "A String", # Id the of Idp
+    },
+  ],
+  "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.html b/docs/dyn/identitytoolkit_v2.html
new file mode 100644
index 00000000000..2f47a9d2739
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.html
@@ -0,0 +1,121 @@
+
+
+
+
Identity Toolkit API

+
Instance Methods

+

+  accounts()
+

+
Returns the accounts Resource.

+
+

+  defaultSupportedIdps()
+

+
Returns the defaultSupportedIdps Resource.

+
+

+  projects()
+

+
Returns the projects Resource.

+
+

+  close()

+
Close httplib2 connections.

+

+  new_batch_http_request()

+
Create a BatchHttpRequest object based on the discovery document.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    new_batch_http_request()
+  
Create a BatchHttpRequest object based on the discovery document.
+
+                Args:
+                  callback: callable, A callback to be called for each response, of the
+                    form callback(id, response, exception). The first parameter is the
+                    request id, and the second is the deserialized response object. The
+                    third is an apiclient.errors.HttpError exception object if an HTTP
+                    error occurred while processing the request, or None if no error
+                    occurred.
+
+                Returns:
+                  A BatchHttpRequest object based on the discovery document.
+                

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.defaultSupportedIdpConfigs.html b/docs/dyn/identitytoolkit_v2.projects.defaultSupportedIdpConfigs.html
new file mode 100644
index 00000000000..99488688ce6
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.defaultSupportedIdpConfigs.html
@@ -0,0 +1,313 @@
+
+
+
+
Identity Toolkit API . projects . defaultSupportedIdpConfigs

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, idpId=None, x__xgafv=None)

+
Create a default supported Idp configuration for an Identity Toolkit project.

+

+  delete(name, x__xgafv=None)

+
Delete a default supported Idp configuration for an Identity Toolkit project.

+

+  get(name, x__xgafv=None)

+
Retrieve a default supported Idp configuration for an Identity Toolkit project.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
List all default supported Idp configurations for an Identity Toolkit project.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update a default supported Idp configuration for an Identity Toolkit project.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, idpId=None, x__xgafv=None)
+  
Create a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name where the config to be created, for example: "projects/my-awesome-project" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}
+
+  idpId: string, The id of the Idp to create a config for. Call ListDefaultSupportedIdps for list of all default supported Idps.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Delete a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Retrieve a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
List all default supported Idp configurations for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name, for example, "projects/my-awesome-project". (required)
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value returned from a previous List request, if any.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for DefaultSupportedIdpConfigs
+  "defaultSupportedIdpConfigs": [ # The set of configs.
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+      "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+        "bundleIds": [ # A list of Bundle ID's usable by this project
+          "A String",
+        ],
+        "codeFlowConfig": { # Additional config for Apple for code flow.
+          "keyId": "A String", # Key ID for the private key.
+          "privateKey": "A String", # Private key used for signing the client secret JWT.
+          "teamId": "A String", # Apple Developer Team ID.
+        },
+      },
+      "clientId": "A String", # OAuth client ID.
+      "clientSecret": "A String", # OAuth client secret.
+      "enabled": True or False, # True if allows the user to sign in with the provider.
+      "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+    },
+  ],
+  "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}
+
+  updateMask: string, The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.html b/docs/dyn/identitytoolkit_v2.projects.html
new file mode 100644
index 00000000000..4be3b186888
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.html
@@ -0,0 +1,590 @@
+
+
+
+
Identity Toolkit API . projects

+
Instance Methods

+

+  defaultSupportedIdpConfigs()
+

+
Returns the defaultSupportedIdpConfigs Resource.

+
+

+  inboundSamlConfigs()
+

+
Returns the inboundSamlConfigs Resource.

+
+

+  oauthIdpConfigs()
+

+
Returns the oauthIdpConfigs Resource.

+
+

+  tenants()
+

+
Returns the tenants Resource.

+
+

+  close()

+
Close httplib2 connections.

+

+  getConfig(name, x__xgafv=None)

+
Retrieve an Identity Toolkit project configuration.

+

+  updateConfig(name, body=None, updateMask=None, x__xgafv=None)

+
Update an Identity Toolkit project configuration.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    getConfig(name, x__xgafv=None)
+  
Retrieve an Identity Toolkit project configuration.
+
+Args:
+  name: string, The resource name of the config, for example: "projects/my-awesome-project/config" (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Represents an Identity Toolkit project.
+  "authorizedDomains": [ # List of domains authorized for OAuth redirects
+    "A String",
+  ],
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "blockingFunctions": { # Configuration related to Blocking Functions. # Configuration related to blocking functions.
+    "forwardInboundCredentials": { # Indicates which credentials to pass to the registered Blocking Functions. # The user credentials to include in the JWT payload that is sent to the registered Blocking Functions.
+      "accessToken": True or False, # Whether to pass the user's OAuth identity provider's access token.
+      "idToken": True or False, # Whether to pass the user's OIDC identity provider's ID token.
+      "refreshToken": True or False, # Whether to pass the user's OAuth identity provider's refresh token.
+    },
+    "triggers": { # Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn"
+      "a_key": { # Synchronous Cloud Function with HTTP Trigger
+        "functionUri": "A String", # HTTP URI trigger for the Cloud Function.
+        "updateTime": "A String", # When the trigger was changed.
+      },
+    },
+  },
+  "client": { # Options related to how clients making requests on behalf of a project should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "apiKey": "A String", # Output only. API key that can be used when making requests for this project.
+    "firebaseSubdomain": "A String", # Output only. Firebase subdomain.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "mfa": { # Options related to MultiFactor Authentication for the project. # Configuration for this project's multi-factor authentication, including whether it is active and what factors can be used for the second factor
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "monitoring": { # Configuration related to monitoring project activity. # Configuration related to monitoring project activity.
+    "requestLogging": { # Configuration for logging requests made to this project to Stackdriver Logging # Configuration for logging requests made to this project to Stackdriver Logging
+      "enabled": True or False, # Whether logging is enabled for this project or not.
+    },
+  },
+  "multiTenant": { # Configuration related to multi-tenant functionality. # Configuration related to multi-tenant functionality.
+    "allowTenants": True or False, # Whether this project can have tenants or not.
+    "defaultTenantLocation": "A String", # The default cloud parent org or folder that the tenant project should be created under. The parent resource name should be in the format of "/", such as "folders/123" or "organizations/456". If the value is not set, the tenant will be created under the same organization or folder as the agent project.
+  },
+  "name": "A String", # Output only. The name of the Config resource. Example: "projects/my-awesome-project/config"
+  "notification": { # Configuration related to sending notifications to users. # Configuration related to sending notifications to users.
+    "defaultLocale": "A String", # Default locale used for email and SMS in IETF BCP 47 format.
+    "sendEmail": { # Options for email sending. # Options for email sending.
+      "callbackUri": "A String", # action url in email template.
+      "changeEmailTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for change email
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "dnsInfo": { # Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain. # Information of custom domain DNS verification.
+        "customDomain": "A String", # Output only. The applied verified custom domain.
+        "customDomainState": "A String", # Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful.
+        "domainVerificationRequestTime": "A String", # Output only. The timestamp of initial request for the current domain verification.
+        "pendingCustomDomain": "A String", # Output only. The custom domain that's to be verified.
+        "useCustomDomain": True or False, # Whether to use custom domain.
+      },
+      "legacyResetPasswordTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Reset password email template for legacy Firebase V1 app.
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "method": "A String", # The method used for sending an email.
+      "resetPasswordTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for reset password
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "revertSecondFactorAdditionTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for reverting second factor addition emails
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "smtp": { # Configuration for SMTP relay # Use a custom SMTP relay
+        "host": "A String", # SMTP relay host
+        "password": "A String", # SMTP relay password
+        "port": 42, # SMTP relay port
+        "securityMode": "A String", # SMTP security mode.
+        "senderEmail": "A String", # Sender email for the SMTP relay
+        "username": "A String", # SMTP relay username
+      },
+      "verifyEmailTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for verify email
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+    },
+    "sendSms": { # Options for SMS sending. # Options for SMS sending.
+      "smsTemplate": { # The template to use when sending an SMS. # Output only. The template to use when sending an SMS.
+        "content": "A String", # Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS.
+      },
+      "useDeviceLocale": True or False, # Whether to use the accept_language header for SMS.
+    },
+  },
+  "quota": { # Configuration related to quotas. # Configuration related to quotas.
+    "signUpQuotaConfig": { # Temporary quota increase / decrease # Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP.
+      "quota": "A String", # Corresponds to the 'refill_token_count' field in QuotaServer config
+      "quotaDuration": "A String", # How long this quota will be active for
+      "startTime": "A String", # When this quota will take affect
+    },
+  },
+  "signIn": { # Configuration related to local sign in methods. # Configuration related to local sign in methods.
+    "allowDuplicateEmails": True or False, # Whether to allow more than one account to have the same email.
+    "anonymous": { # Configuration options related to authenticating an anonymous user. # Configuration options related to authenticating an anonymous user.
+      "enabled": True or False, # Whether anonymous user auth is enabled for the project or not.
+    },
+    "email": { # Configuration options related to authenticating a user by their email address. # Configuration options related to authenticating a user by their email address.
+      "enabled": True or False, # Whether email auth is enabled for the project or not.
+      "passwordRequired": True or False, # Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link.
+    },
+    "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information.
+      "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+      "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+      "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+      "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+      "signerKey": "A String", # Output only. Signer key in base64.
+    },
+    "phoneNumber": { # Configuration options related to authenticated a user by their phone number. # Configuration options related to authenticated a user by their phone number.
+      "enabled": True or False, # Whether phone number auth is enabled for the project or not.
+      "testPhoneNumbers": { # A map of that can be used for phone auth testing.
+        "a_key": "A String",
+      },
+    },
+  },
+  "subtype": "A String", # Output only. The subtype of this config.
+}

+

+
+

+    updateConfig(name, body=None, updateMask=None, x__xgafv=None)
+  
Update an Identity Toolkit project configuration.
+
+Args:
+  name: string, Output only. The name of the Config resource. Example: "projects/my-awesome-project/config" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Represents an Identity Toolkit project.
+  "authorizedDomains": [ # List of domains authorized for OAuth redirects
+    "A String",
+  ],
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "blockingFunctions": { # Configuration related to Blocking Functions. # Configuration related to blocking functions.
+    "forwardInboundCredentials": { # Indicates which credentials to pass to the registered Blocking Functions. # The user credentials to include in the JWT payload that is sent to the registered Blocking Functions.
+      "accessToken": True or False, # Whether to pass the user's OAuth identity provider's access token.
+      "idToken": True or False, # Whether to pass the user's OIDC identity provider's ID token.
+      "refreshToken": True or False, # Whether to pass the user's OAuth identity provider's refresh token.
+    },
+    "triggers": { # Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn"
+      "a_key": { # Synchronous Cloud Function with HTTP Trigger
+        "functionUri": "A String", # HTTP URI trigger for the Cloud Function.
+        "updateTime": "A String", # When the trigger was changed.
+      },
+    },
+  },
+  "client": { # Options related to how clients making requests on behalf of a project should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "apiKey": "A String", # Output only. API key that can be used when making requests for this project.
+    "firebaseSubdomain": "A String", # Output only. Firebase subdomain.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "mfa": { # Options related to MultiFactor Authentication for the project. # Configuration for this project's multi-factor authentication, including whether it is active and what factors can be used for the second factor
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "monitoring": { # Configuration related to monitoring project activity. # Configuration related to monitoring project activity.
+    "requestLogging": { # Configuration for logging requests made to this project to Stackdriver Logging # Configuration for logging requests made to this project to Stackdriver Logging
+      "enabled": True or False, # Whether logging is enabled for this project or not.
+    },
+  },
+  "multiTenant": { # Configuration related to multi-tenant functionality. # Configuration related to multi-tenant functionality.
+    "allowTenants": True or False, # Whether this project can have tenants or not.
+    "defaultTenantLocation": "A String", # The default cloud parent org or folder that the tenant project should be created under. The parent resource name should be in the format of "/", such as "folders/123" or "organizations/456". If the value is not set, the tenant will be created under the same organization or folder as the agent project.
+  },
+  "name": "A String", # Output only. The name of the Config resource. Example: "projects/my-awesome-project/config"
+  "notification": { # Configuration related to sending notifications to users. # Configuration related to sending notifications to users.
+    "defaultLocale": "A String", # Default locale used for email and SMS in IETF BCP 47 format.
+    "sendEmail": { # Options for email sending. # Options for email sending.
+      "callbackUri": "A String", # action url in email template.
+      "changeEmailTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for change email
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "dnsInfo": { # Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain. # Information of custom domain DNS verification.
+        "customDomain": "A String", # Output only. The applied verified custom domain.
+        "customDomainState": "A String", # Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful.
+        "domainVerificationRequestTime": "A String", # Output only. The timestamp of initial request for the current domain verification.
+        "pendingCustomDomain": "A String", # Output only. The custom domain that's to be verified.
+        "useCustomDomain": True or False, # Whether to use custom domain.
+      },
+      "legacyResetPasswordTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Reset password email template for legacy Firebase V1 app.
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "method": "A String", # The method used for sending an email.
+      "resetPasswordTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for reset password
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "revertSecondFactorAdditionTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for reverting second factor addition emails
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "smtp": { # Configuration for SMTP relay # Use a custom SMTP relay
+        "host": "A String", # SMTP relay host
+        "password": "A String", # SMTP relay password
+        "port": 42, # SMTP relay port
+        "securityMode": "A String", # SMTP security mode.
+        "senderEmail": "A String", # Sender email for the SMTP relay
+        "username": "A String", # SMTP relay username
+      },
+      "verifyEmailTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for verify email
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+    },
+    "sendSms": { # Options for SMS sending. # Options for SMS sending.
+      "smsTemplate": { # The template to use when sending an SMS. # Output only. The template to use when sending an SMS.
+        "content": "A String", # Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS.
+      },
+      "useDeviceLocale": True or False, # Whether to use the accept_language header for SMS.
+    },
+  },
+  "quota": { # Configuration related to quotas. # Configuration related to quotas.
+    "signUpQuotaConfig": { # Temporary quota increase / decrease # Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP.
+      "quota": "A String", # Corresponds to the 'refill_token_count' field in QuotaServer config
+      "quotaDuration": "A String", # How long this quota will be active for
+      "startTime": "A String", # When this quota will take affect
+    },
+  },
+  "signIn": { # Configuration related to local sign in methods. # Configuration related to local sign in methods.
+    "allowDuplicateEmails": True or False, # Whether to allow more than one account to have the same email.
+    "anonymous": { # Configuration options related to authenticating an anonymous user. # Configuration options related to authenticating an anonymous user.
+      "enabled": True or False, # Whether anonymous user auth is enabled for the project or not.
+    },
+    "email": { # Configuration options related to authenticating a user by their email address. # Configuration options related to authenticating a user by their email address.
+      "enabled": True or False, # Whether email auth is enabled for the project or not.
+      "passwordRequired": True or False, # Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link.
+    },
+    "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information.
+      "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+      "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+      "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+      "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+      "signerKey": "A String", # Output only. Signer key in base64.
+    },
+    "phoneNumber": { # Configuration options related to authenticated a user by their phone number. # Configuration options related to authenticated a user by their phone number.
+      "enabled": True or False, # Whether phone number auth is enabled for the project or not.
+      "testPhoneNumbers": { # A map of that can be used for phone auth testing.
+        "a_key": "A String",
+      },
+    },
+  },
+  "subtype": "A String", # Output only. The subtype of this config.
+}
+
+  updateMask: string, The update mask applies to the resource. Fields set in the config but not included in this update mask will be ignored. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Represents an Identity Toolkit project.
+  "authorizedDomains": [ # List of domains authorized for OAuth redirects
+    "A String",
+  ],
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "blockingFunctions": { # Configuration related to Blocking Functions. # Configuration related to blocking functions.
+    "forwardInboundCredentials": { # Indicates which credentials to pass to the registered Blocking Functions. # The user credentials to include in the JWT payload that is sent to the registered Blocking Functions.
+      "accessToken": True or False, # Whether to pass the user's OAuth identity provider's access token.
+      "idToken": True or False, # Whether to pass the user's OIDC identity provider's ID token.
+      "refreshToken": True or False, # Whether to pass the user's OAuth identity provider's refresh token.
+    },
+    "triggers": { # Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn"
+      "a_key": { # Synchronous Cloud Function with HTTP Trigger
+        "functionUri": "A String", # HTTP URI trigger for the Cloud Function.
+        "updateTime": "A String", # When the trigger was changed.
+      },
+    },
+  },
+  "client": { # Options related to how clients making requests on behalf of a project should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "apiKey": "A String", # Output only. API key that can be used when making requests for this project.
+    "firebaseSubdomain": "A String", # Output only. Firebase subdomain.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "mfa": { # Options related to MultiFactor Authentication for the project. # Configuration for this project's multi-factor authentication, including whether it is active and what factors can be used for the second factor
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "monitoring": { # Configuration related to monitoring project activity. # Configuration related to monitoring project activity.
+    "requestLogging": { # Configuration for logging requests made to this project to Stackdriver Logging # Configuration for logging requests made to this project to Stackdriver Logging
+      "enabled": True or False, # Whether logging is enabled for this project or not.
+    },
+  },
+  "multiTenant": { # Configuration related to multi-tenant functionality. # Configuration related to multi-tenant functionality.
+    "allowTenants": True or False, # Whether this project can have tenants or not.
+    "defaultTenantLocation": "A String", # The default cloud parent org or folder that the tenant project should be created under. The parent resource name should be in the format of "/", such as "folders/123" or "organizations/456". If the value is not set, the tenant will be created under the same organization or folder as the agent project.
+  },
+  "name": "A String", # Output only. The name of the Config resource. Example: "projects/my-awesome-project/config"
+  "notification": { # Configuration related to sending notifications to users. # Configuration related to sending notifications to users.
+    "defaultLocale": "A String", # Default locale used for email and SMS in IETF BCP 47 format.
+    "sendEmail": { # Options for email sending. # Options for email sending.
+      "callbackUri": "A String", # action url in email template.
+      "changeEmailTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for change email
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "dnsInfo": { # Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain. # Information of custom domain DNS verification.
+        "customDomain": "A String", # Output only. The applied verified custom domain.
+        "customDomainState": "A String", # Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful.
+        "domainVerificationRequestTime": "A String", # Output only. The timestamp of initial request for the current domain verification.
+        "pendingCustomDomain": "A String", # Output only. The custom domain that's to be verified.
+        "useCustomDomain": True or False, # Whether to use custom domain.
+      },
+      "legacyResetPasswordTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Reset password email template for legacy Firebase V1 app.
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "method": "A String", # The method used for sending an email.
+      "resetPasswordTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for reset password
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "revertSecondFactorAdditionTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for reverting second factor addition emails
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+      "smtp": { # Configuration for SMTP relay # Use a custom SMTP relay
+        "host": "A String", # SMTP relay host
+        "password": "A String", # SMTP relay password
+        "port": 42, # SMTP relay port
+        "securityMode": "A String", # SMTP security mode.
+        "senderEmail": "A String", # Sender email for the SMTP relay
+        "username": "A String", # SMTP relay username
+      },
+      "verifyEmailTemplate": { # Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name. # Email template for verify email
+        "body": "A String", # Email body
+        "bodyFormat": "A String", # Email body format
+        "customized": True or False, # Output only. Whether the body or subject of the email is customized.
+        "replyTo": "A String", # Reply-to address
+        "senderDisplayName": "A String", # Sender display name
+        "senderLocalPart": "A String", # Local part of From address
+        "subject": "A String", # Subject of the email
+      },
+    },
+    "sendSms": { # Options for SMS sending. # Options for SMS sending.
+      "smsTemplate": { # The template to use when sending an SMS. # Output only. The template to use when sending an SMS.
+        "content": "A String", # Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS.
+      },
+      "useDeviceLocale": True or False, # Whether to use the accept_language header for SMS.
+    },
+  },
+  "quota": { # Configuration related to quotas. # Configuration related to quotas.
+    "signUpQuotaConfig": { # Temporary quota increase / decrease # Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP.
+      "quota": "A String", # Corresponds to the 'refill_token_count' field in QuotaServer config
+      "quotaDuration": "A String", # How long this quota will be active for
+      "startTime": "A String", # When this quota will take affect
+    },
+  },
+  "signIn": { # Configuration related to local sign in methods. # Configuration related to local sign in methods.
+    "allowDuplicateEmails": True or False, # Whether to allow more than one account to have the same email.
+    "anonymous": { # Configuration options related to authenticating an anonymous user. # Configuration options related to authenticating an anonymous user.
+      "enabled": True or False, # Whether anonymous user auth is enabled for the project or not.
+    },
+    "email": { # Configuration options related to authenticating a user by their email address. # Configuration options related to authenticating a user by their email address.
+      "enabled": True or False, # Whether email auth is enabled for the project or not.
+      "passwordRequired": True or False, # Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link.
+    },
+    "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information.
+      "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+      "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+      "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+      "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+      "signerKey": "A String", # Output only. Signer key in base64.
+    },
+    "phoneNumber": { # Configuration options related to authenticated a user by their phone number. # Configuration options related to authenticated a user by their phone number.
+      "enabled": True or False, # Whether phone number auth is enabled for the project or not.
+      "testPhoneNumbers": { # A map of that can be used for phone auth testing.
+        "a_key": "A String",
+      },
+    },
+  },
+  "subtype": "A String", # Output only. The subtype of this config.
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.inboundSamlConfigs.html b/docs/dyn/identitytoolkit_v2.projects.inboundSamlConfigs.html
new file mode 100644
index 00000000000..96d7ea060cc
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.inboundSamlConfigs.html
@@ -0,0 +1,367 @@
+
+
+
+
Identity Toolkit API . projects . inboundSamlConfigs

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, inboundSamlConfigId=None, x__xgafv=None)

+
Create an inbound SAML configuration for an Identity Toolkit project.

+

+  delete(name, x__xgafv=None)

+
Delete an inbound SAML configuration for an Identity Toolkit project.

+

+  get(name, x__xgafv=None)

+
Retrieve an inbound SAML configuration for an Identity Toolkit project.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
List all inbound SAML configurations for an Identity Toolkit project.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update an inbound SAML configuration for an Identity Toolkit project.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, inboundSamlConfigId=None, x__xgafv=None)
+  
Create an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name where the config to be created, for example: "projects/my-awesome-project" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}
+
+  inboundSamlConfigId: string, The id to use for this config.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Delete an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config to be deleted, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Retrieve an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
List all inbound SAML configurations for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name, for example, "projects/my-awesome-project". (required)
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value returned from a previous List request, if any.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for ListInboundSamlConfigs
+  "inboundSamlConfigs": [ # The set of configs.
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+      "displayName": "A String", # The config's display name set by developers.
+      "enabled": True or False, # True if allows the user to sign in with the provider.
+      "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+        "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+          { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+            "x509Certificate": "A String", # The x509 certificate
+          },
+        ],
+        "idpEntityId": "A String", # Unique identifier for all SAML entities.
+        "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+        "ssoUrl": "A String", # URL to send Authentication request to.
+      },
+      "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+      "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+        "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+        "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+          { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+            "expiresAt": "A String", # Timestamp of the cert expiration instance.
+            "x509Certificate": "A String", # Self-signed public certificate.
+          },
+        ],
+        "spEntityId": "A String", # Unique identifier for all SAML entities.
+      },
+    },
+  ],
+  "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}
+
+  updateMask: string, The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.oauthIdpConfigs.html b/docs/dyn/identitytoolkit_v2.projects.oauthIdpConfigs.html
new file mode 100644
index 00000000000..96e09964295
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.oauthIdpConfigs.html
@@ -0,0 +1,295 @@
+
+
+
+
Identity Toolkit API . projects . oauthIdpConfigs

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, oauthIdpConfigId=None, x__xgafv=None)

+
Create an Oidc Idp configuration for an Identity Toolkit project.

+

+  delete(name, x__xgafv=None)

+
Delete an Oidc Idp configuration for an Identity Toolkit project.

+

+  get(name, x__xgafv=None)

+
Retrieve an Oidc Idp configuration for an Identity Toolkit project.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
List all Oidc Idp configurations for an Identity Toolkit project.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update an Oidc Idp configuration for an Identity Toolkit project.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, oauthIdpConfigId=None, x__xgafv=None)
+  
Create an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name where the config to be created, for example: "projects/my-awesome-project" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}
+
+  oauthIdpConfigId: string, The id to use for this config.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Delete an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config to be deleted, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Retrieve an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
List all Oidc Idp configurations for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name, for example, "projects/my-awesome-project". (required)
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value returned from a previous List request, if any.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for ListOAuthIdpConfigs
+  "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
+  "oauthIdpConfigs": [ # The set of configs.
+    { # Configuration options for authenticating with an OAuth IDP.
+      "clientId": "A String", # The client id of an OAuth client.
+      "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+      "displayName": "A String", # The config's display name set by developers.
+      "enabled": True or False, # True if allows the user to sign in with the provider.
+      "issuer": "A String", # For OIDC Idps, the issuer identifier.
+      "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+      "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+        "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+        "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+        "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+      },
+    },
+  ],
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}
+
+  updateMask: string, The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.tenants.defaultSupportedIdpConfigs.html b/docs/dyn/identitytoolkit_v2.projects.tenants.defaultSupportedIdpConfigs.html
new file mode 100644
index 00000000000..290922268cc
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.tenants.defaultSupportedIdpConfigs.html
@@ -0,0 +1,313 @@
+
+
+
+
Identity Toolkit API . projects . tenants . defaultSupportedIdpConfigs

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, idpId=None, x__xgafv=None)

+
Create a default supported Idp configuration for an Identity Toolkit project.

+

+  delete(name, x__xgafv=None)

+
Delete a default supported Idp configuration for an Identity Toolkit project.

+

+  get(name, x__xgafv=None)

+
Retrieve a default supported Idp configuration for an Identity Toolkit project.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
List all default supported Idp configurations for an Identity Toolkit project.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update a default supported Idp configuration for an Identity Toolkit project.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, idpId=None, x__xgafv=None)
+  
Create a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name where the config to be created, for example: "projects/my-awesome-project" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}
+
+  idpId: string, The id of the Idp to create a config for. Call ListDefaultSupportedIdps for list of all default supported Idps.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Delete a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Retrieve a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
List all default supported Idp configurations for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name, for example, "projects/my-awesome-project". (required)
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value returned from a previous List request, if any.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for DefaultSupportedIdpConfigs
+  "defaultSupportedIdpConfigs": [ # The set of configs.
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+      "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+        "bundleIds": [ # A list of Bundle ID's usable by this project
+          "A String",
+        ],
+        "codeFlowConfig": { # Additional config for Apple for code flow.
+          "keyId": "A String", # Key ID for the private key.
+          "privateKey": "A String", # Private key used for signing the client secret JWT.
+          "teamId": "A String", # Apple Developer Team ID.
+        },
+      },
+      "clientId": "A String", # OAuth client ID.
+      "clientSecret": "A String", # OAuth client secret.
+      "enabled": True or False, # True if allows the user to sign in with the provider.
+      "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+    },
+  ],
+  "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update a default supported Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}
+
+  updateMask: string, The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
+  "appleSignInConfig": { # Additional config for SignInWithApple. # Additional config for Apple-based projects.
+    "bundleIds": [ # A list of Bundle ID's usable by this project
+      "A String",
+    ],
+    "codeFlowConfig": { # Additional config for Apple for code flow.
+      "keyId": "A String", # Key ID for the private key.
+      "privateKey": "A String", # Private key used for signing the client secret JWT.
+      "teamId": "A String", # Apple Developer Team ID.
+    },
+  },
+  "clientId": "A String", # OAuth client ID.
+  "clientSecret": "A String", # OAuth client secret.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "name": "A String", # The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com"
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.tenants.html b/docs/dyn/identitytoolkit_v2.projects.tenants.html
new file mode 100644
index 00000000000..afb9c029508
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.tenants.html
@@ -0,0 +1,615 @@
+
+
+
+
Identity Toolkit API . projects . tenants

+
Instance Methods

+

+  defaultSupportedIdpConfigs()
+

+
Returns the defaultSupportedIdpConfigs Resource.

+
+

+  inboundSamlConfigs()
+

+
Returns the inboundSamlConfigs Resource.

+
+

+  oauthIdpConfigs()
+

+
Returns the oauthIdpConfigs Resource.

+
+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, x__xgafv=None)

+
Create a tenant. Requires write permission on the Agent project.

+

+  delete(name, x__xgafv=None)

+
Delete a tenant. Requires write permission on the Agent project.

+

+  get(name, x__xgafv=None)

+
Get a tenant. Requires read permission on the Tenant resource.

+

+  getIamPolicy(resource, body=None, x__xgafv=None)

+
Gets the access control policy for a resource. An error is returned if the resource does not exist. An empty policy is returned if the resource exists but does not have a policy set on it. Caller must have the right Google IAM permission on the resource.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
List tenants under the given agent project. Requires read permission on the Agent project.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update a tenant. Requires write permission on the Tenant resource.

+

+  setIamPolicy(resource, body=None, x__xgafv=None)

+
Sets the access control policy for a resource. If the policy exists, it is replaced. Caller must have the right Google IAM permission on the resource.

+

+  testIamPermissions(resource, body=None, x__xgafv=None)

+
Returns the caller's permissions on a resource. An error is returned if the resource does not exist. A caller is not required to have Google IAM permission to make this request.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, x__xgafv=None)
+  
Create a tenant. Requires write permission on the Agent project.
+
+Args:
+  parent: string, The parent resource name where the tenant will be created. For example, "projects/project1". (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A Tenant contains configuration for the tenant in a multi-tenant project.
+  "allowPasswordSignup": True or False, # Whether to allow email/password user authentication.
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "client": { # Options related to how clients making requests on behalf of a tenant should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "disableAuth": True or False, # Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.
+  "displayName": "A String", # Display name of the tenant.
+  "enableAnonymousUser": True or False, # Whether to enable anonymous user authentication.
+  "enableEmailLinkSignin": True or False, # Whether to enable email link user authentication.
+  "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information of a tenant for display on Pantheon. This can only be displayed on Pantheon to avoid the sensitive information to get accidentally leaked. Only returned in GetTenant response to restrict reading of this information. Requires firebaseauth.configs.getHashConfig permission on the agent project for returning this field.
+    "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+    "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+    "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+    "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+    "signerKey": "A String", # Output only. Signer key in base64.
+  },
+  "inheritance": { # Settings that the tenants will inherit from project level. # Specify the settings that the tenant could inherit.
+    "emailSendingConfig": True or False, # Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations.
+  },
+  "mfaConfig": { # Options related to MultiFactor Authentication for the project. # The tenant-level configuration of MFA options.
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "name": "A String", # Output only. Resource name of a tenant. For example: "projects/{project-id}/tenants/{tenant-id}"
+  "testPhoneNumbers": { # A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).
+    "a_key": "A String",
+  },
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Tenant contains configuration for the tenant in a multi-tenant project.
+  "allowPasswordSignup": True or False, # Whether to allow email/password user authentication.
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "client": { # Options related to how clients making requests on behalf of a tenant should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "disableAuth": True or False, # Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.
+  "displayName": "A String", # Display name of the tenant.
+  "enableAnonymousUser": True or False, # Whether to enable anonymous user authentication.
+  "enableEmailLinkSignin": True or False, # Whether to enable email link user authentication.
+  "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information of a tenant for display on Pantheon. This can only be displayed on Pantheon to avoid the sensitive information to get accidentally leaked. Only returned in GetTenant response to restrict reading of this information. Requires firebaseauth.configs.getHashConfig permission on the agent project for returning this field.
+    "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+    "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+    "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+    "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+    "signerKey": "A String", # Output only. Signer key in base64.
+  },
+  "inheritance": { # Settings that the tenants will inherit from project level. # Specify the settings that the tenant could inherit.
+    "emailSendingConfig": True or False, # Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations.
+  },
+  "mfaConfig": { # Options related to MultiFactor Authentication for the project. # The tenant-level configuration of MFA options.
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "name": "A String", # Output only. Resource name of a tenant. For example: "projects/{project-id}/tenants/{tenant-id}"
+  "testPhoneNumbers": { # A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).
+    "a_key": "A String",
+  },
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Delete a tenant. Requires write permission on the Agent project.
+
+Args:
+  name: string, Resource name of the tenant to delete. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Get a tenant. Requires read permission on the Tenant resource.
+
+Args:
+  name: string, Resource name of the tenant to retrieve. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Tenant contains configuration for the tenant in a multi-tenant project.
+  "allowPasswordSignup": True or False, # Whether to allow email/password user authentication.
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "client": { # Options related to how clients making requests on behalf of a tenant should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "disableAuth": True or False, # Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.
+  "displayName": "A String", # Display name of the tenant.
+  "enableAnonymousUser": True or False, # Whether to enable anonymous user authentication.
+  "enableEmailLinkSignin": True or False, # Whether to enable email link user authentication.
+  "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information of a tenant for display on Pantheon. This can only be displayed on Pantheon to avoid the sensitive information to get accidentally leaked. Only returned in GetTenant response to restrict reading of this information. Requires firebaseauth.configs.getHashConfig permission on the agent project for returning this field.
+    "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+    "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+    "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+    "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+    "signerKey": "A String", # Output only. Signer key in base64.
+  },
+  "inheritance": { # Settings that the tenants will inherit from project level. # Specify the settings that the tenant could inherit.
+    "emailSendingConfig": True or False, # Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations.
+  },
+  "mfaConfig": { # Options related to MultiFactor Authentication for the project. # The tenant-level configuration of MFA options.
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "name": "A String", # Output only. Resource name of a tenant. For example: "projects/{project-id}/tenants/{tenant-id}"
+  "testPhoneNumbers": { # A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).
+    "a_key": "A String",
+  },
+}

+

+
+

+    getIamPolicy(resource, body=None, x__xgafv=None)
+  
Gets the access control policy for a resource. An error is returned if the resource does not exist. An empty policy is returned if the resource exists but does not have a policy set on it. Caller must have the right Google IAM permission on the resource.
+
+Args:
+  resource: string, REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for `GetIamPolicy` method.
+  "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  },
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+            "A String",
+          ],
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
List tenants under the given agent project. Requires read permission on the Agent project.
+
+Args:
+  parent: string, Required. The parent resource name to list tenants for. (required)
+  pageSize: integer, The maximum number of results to return, capped at 1000. If not specified, the default value is 20.
+  pageToken: string, The pagination token from the response of a previous request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for ListTenants.
+  "nextPageToken": "A String", # The token to get the next page of results.
+  "tenants": [ # A list of tenants under the given agent project.
+    { # A Tenant contains configuration for the tenant in a multi-tenant project.
+      "allowPasswordSignup": True or False, # Whether to allow email/password user authentication.
+      "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+      "client": { # Options related to how clients making requests on behalf of a tenant should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+        "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+          "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+          "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+        },
+      },
+      "disableAuth": True or False, # Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.
+      "displayName": "A String", # Display name of the tenant.
+      "enableAnonymousUser": True or False, # Whether to enable anonymous user authentication.
+      "enableEmailLinkSignin": True or False, # Whether to enable email link user authentication.
+      "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information of a tenant for display on Pantheon. This can only be displayed on Pantheon to avoid the sensitive information to get accidentally leaked. Only returned in GetTenant response to restrict reading of this information. Requires firebaseauth.configs.getHashConfig permission on the agent project for returning this field.
+        "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+        "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+        "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+        "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+        "signerKey": "A String", # Output only. Signer key in base64.
+      },
+      "inheritance": { # Settings that the tenants will inherit from project level. # Specify the settings that the tenant could inherit.
+        "emailSendingConfig": True or False, # Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations.
+      },
+      "mfaConfig": { # Options related to MultiFactor Authentication for the project. # The tenant-level configuration of MFA options.
+        "enabledProviders": [ # A list of usable second factors for this project.
+          "A String",
+        ],
+        "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+      },
+      "name": "A String", # Output only. Resource name of a tenant. For example: "projects/{project-id}/tenants/{tenant-id}"
+      "testPhoneNumbers": { # A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).
+        "a_key": "A String",
+      },
+    },
+  ],
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update a tenant. Requires write permission on the Tenant resource.
+
+Args:
+  name: string, Output only. Resource name of a tenant. For example: "projects/{project-id}/tenants/{tenant-id}" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A Tenant contains configuration for the tenant in a multi-tenant project.
+  "allowPasswordSignup": True or False, # Whether to allow email/password user authentication.
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "client": { # Options related to how clients making requests on behalf of a tenant should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "disableAuth": True or False, # Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.
+  "displayName": "A String", # Display name of the tenant.
+  "enableAnonymousUser": True or False, # Whether to enable anonymous user authentication.
+  "enableEmailLinkSignin": True or False, # Whether to enable email link user authentication.
+  "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information of a tenant for display on Pantheon. This can only be displayed on Pantheon to avoid the sensitive information to get accidentally leaked. Only returned in GetTenant response to restrict reading of this information. Requires firebaseauth.configs.getHashConfig permission on the agent project for returning this field.
+    "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+    "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+    "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+    "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+    "signerKey": "A String", # Output only. Signer key in base64.
+  },
+  "inheritance": { # Settings that the tenants will inherit from project level. # Specify the settings that the tenant could inherit.
+    "emailSendingConfig": True or False, # Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations.
+  },
+  "mfaConfig": { # Options related to MultiFactor Authentication for the project. # The tenant-level configuration of MFA options.
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "name": "A String", # Output only. Resource name of a tenant. For example: "projects/{project-id}/tenants/{tenant-id}"
+  "testPhoneNumbers": { # A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).
+    "a_key": "A String",
+  },
+}
+
+  updateMask: string, If provided, only update fields set in the update mask. Otherwise, all settable fields will be updated. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Tenant contains configuration for the tenant in a multi-tenant project.
+  "allowPasswordSignup": True or False, # Whether to allow email/password user authentication.
+  "autodeleteAnonymousUsers": True or False, # Whether anonymous users will be auto-deleted after a period of 30 days.
+  "client": { # Options related to how clients making requests on behalf of a tenant should be configured. # Options related to how clients making requests on behalf of a project should be configured.
+    "permissions": { # Configuration related to restricting a user's ability to affect their account. # Configuration related to restricting a user's ability to affect their account.
+      "disabledUserDeletion": True or False, # When true, end users cannot delete their account on the associated project through any of our API methods
+      "disabledUserSignup": True or False, # When true, end users cannot sign up for a new account on the associated project through any of our API methods
+    },
+  },
+  "disableAuth": True or False, # Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.
+  "displayName": "A String", # Display name of the tenant.
+  "enableAnonymousUser": True or False, # Whether to enable anonymous user authentication.
+  "enableEmailLinkSignin": True or False, # Whether to enable email link user authentication.
+  "hashConfig": { # History information of the hash algorithm and key. Different accounts' passwords may be generated by different version. # Output only. Hash config information of a tenant for display on Pantheon. This can only be displayed on Pantheon to avoid the sensitive information to get accidentally leaked. Only returned in GetTenant response to restrict reading of this information. Requires firebaseauth.configs.getHashConfig permission on the agent project for returning this field.
+    "algorithm": "A String", # Output only. Different password hash algorithms used in Identity Toolkit.
+    "memoryCost": 42, # Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.
+    "rounds": 42, # Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.
+    "saltSeparator": "A String", # Output only. Non-printable character to be inserted between the salt and plain text password in base64.
+    "signerKey": "A String", # Output only. Signer key in base64.
+  },
+  "inheritance": { # Settings that the tenants will inherit from project level. # Specify the settings that the tenant could inherit.
+    "emailSendingConfig": True or False, # Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations.
+  },
+  "mfaConfig": { # Options related to MultiFactor Authentication for the project. # The tenant-level configuration of MFA options.
+    "enabledProviders": [ # A list of usable second factors for this project.
+      "A String",
+    ],
+    "state": "A String", # Whether MultiFactor Authentication has been enabled for this project.
+  },
+  "name": "A String", # Output only. Resource name of a tenant. For example: "projects/{project-id}/tenants/{tenant-id}"
+  "testPhoneNumbers": { # A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).
+    "a_key": "A String",
+  },
+}

+

+
+

+    setIamPolicy(resource, body=None, x__xgafv=None)
+  
Sets the access control policy for a resource. If the policy exists, it is replaced. Caller must have the right Google IAM permission on the resource.
+
+Args:
+  resource: string, REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for `SetIamPolicy` method.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them.
+    "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.
+        "auditLogConfigs": [ # The configuration for logging of each type of permission.
+          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+              "A String",
+            ],
+            "logType": "A String", # The log type that this config enables.
+          },
+        ],
+        "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+      },
+    ],
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+          "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+          "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+          "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+        },
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+          "A String",
+        ],
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      },
+    ],
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  },
+  "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+            "A String",
+          ],
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}

+

+
+

+    testIamPermissions(resource, body=None, x__xgafv=None)
+  
Returns the caller's permissions on a resource. An error is returned if the resource does not exist. A caller is not required to have Google IAM permission to make this request.
+
+Args:
+  resource: string, REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for `TestIamPermissions` method.
+  "permissions": [ # The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
+    "A String",
+  ],
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for `TestIamPermissions` method.
+  "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is allowed.
+    "A String",
+  ],
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.tenants.inboundSamlConfigs.html b/docs/dyn/identitytoolkit_v2.projects.tenants.inboundSamlConfigs.html
new file mode 100644
index 00000000000..db3b17ca27f
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.tenants.inboundSamlConfigs.html
@@ -0,0 +1,367 @@
+
+
+
+
Identity Toolkit API . projects . tenants . inboundSamlConfigs

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, inboundSamlConfigId=None, x__xgafv=None)

+
Create an inbound SAML configuration for an Identity Toolkit project.

+

+  delete(name, x__xgafv=None)

+
Delete an inbound SAML configuration for an Identity Toolkit project.

+

+  get(name, x__xgafv=None)

+
Retrieve an inbound SAML configuration for an Identity Toolkit project.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
List all inbound SAML configurations for an Identity Toolkit project.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update an inbound SAML configuration for an Identity Toolkit project.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, inboundSamlConfigId=None, x__xgafv=None)
+  
Create an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name where the config to be created, for example: "projects/my-awesome-project" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}
+
+  inboundSamlConfigId: string, The id to use for this config.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Delete an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config to be deleted, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Retrieve an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
List all inbound SAML configurations for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name, for example, "projects/my-awesome-project". (required)
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value returned from a previous List request, if any.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for ListInboundSamlConfigs
+  "inboundSamlConfigs": [ # The set of configs.
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+      "displayName": "A String", # The config's display name set by developers.
+      "enabled": True or False, # True if allows the user to sign in with the provider.
+      "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+        "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+          { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+            "x509Certificate": "A String", # The x509 certificate
+          },
+        ],
+        "idpEntityId": "A String", # Unique identifier for all SAML entities.
+        "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+        "ssoUrl": "A String", # URL to send Authentication request to.
+      },
+      "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+      "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+        "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+        "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+          { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+            "expiresAt": "A String", # Timestamp of the cert expiration instance.
+            "x509Certificate": "A String", # Self-signed public certificate.
+          },
+        ],
+        "spEntityId": "A String", # Unique identifier for all SAML entities.
+      },
+    },
+  ],
+  "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update an inbound SAML configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}
+
+  updateMask: string, The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A pair of SAML RP-IDP configurations when the project acts as the relying party.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "idpConfig": { # The SAML IdP (Identity Provider) configuration when the project acts as the relying party. # The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
+    "idpCertificates": [ # IDP's public keys for verifying signature in the assertions.
+      { # The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
+        "x509Certificate": "A String", # The x509 certificate
+      },
+    ],
+    "idpEntityId": "A String", # Unique identifier for all SAML entities.
+    "signRequest": True or False, # Indicates if outbounding SAMLRequest should be signed.
+    "ssoUrl": "A String", # URL to send Authentication request to.
+  },
+  "name": "A String", # The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.
+  "spConfig": { # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. # The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
+    "callbackUri": "A String", # Callback URI where responses from IDP are handled.
+    "spCertificates": [ # Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.
+      { # The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
+        "expiresAt": "A String", # Timestamp of the cert expiration instance.
+        "x509Certificate": "A String", # Self-signed public certificate.
+      },
+    ],
+    "spEntityId": "A String", # Unique identifier for all SAML entities.
+  },
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/identitytoolkit_v2.projects.tenants.oauthIdpConfigs.html b/docs/dyn/identitytoolkit_v2.projects.tenants.oauthIdpConfigs.html
new file mode 100644
index 00000000000..dd8eacbcc77
--- /dev/null
+++ b/docs/dyn/identitytoolkit_v2.projects.tenants.oauthIdpConfigs.html
@@ -0,0 +1,295 @@
+
+
+
+
Identity Toolkit API . projects . tenants . oauthIdpConfigs

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, oauthIdpConfigId=None, x__xgafv=None)

+
Create an Oidc Idp configuration for an Identity Toolkit project.

+

+  delete(name, x__xgafv=None)

+
Delete an Oidc Idp configuration for an Identity Toolkit project.

+

+  get(name, x__xgafv=None)

+
Retrieve an Oidc Idp configuration for an Identity Toolkit project.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
List all Oidc Idp configurations for an Identity Toolkit project.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update an Oidc Idp configuration for an Identity Toolkit project.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, oauthIdpConfigId=None, x__xgafv=None)
+  
Create an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name where the config to be created, for example: "projects/my-awesome-project" (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}
+
+  oauthIdpConfigId: string, The id to use for this config.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Delete an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config to be deleted, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Retrieve an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The resource name of the config, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
List all Oidc Idp configurations for an Identity Toolkit project.
+
+Args:
+  parent: string, The parent resource name, for example, "projects/my-awesome-project". (required)
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value returned from a previous List request, if any.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for ListOAuthIdpConfigs
+  "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
+  "oauthIdpConfigs": [ # The set of configs.
+    { # Configuration options for authenticating with an OAuth IDP.
+      "clientId": "A String", # The client id of an OAuth client.
+      "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+      "displayName": "A String", # The config's display name set by developers.
+      "enabled": True or False, # True if allows the user to sign in with the provider.
+      "issuer": "A String", # For OIDC Idps, the issuer identifier.
+      "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+      "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+        "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+        "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+        "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+      },
+    },
+  ],
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update an Oidc Idp configuration for an Identity Toolkit project.
+
+Args:
+  name: string, The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}
+
+  updateMask: string, The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration options for authenticating with an OAuth IDP.
+  "clientId": "A String", # The client id of an OAuth client.
+  "clientSecret": "A String", # The client secret of the OAuth client, to enable OIDC code flow.
+  "displayName": "A String", # The config's display name set by developers.
+  "enabled": True or False, # True if allows the user to sign in with the provider.
+  "issuer": "A String", # For OIDC Idps, the issuer identifier.
+  "name": "A String", # The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.
+  "responseType": { # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow. # The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported.
+    "code": True or False, # If true, authorization code is returned from IdP's authorization endpoint.
+    "idToken": True or False, # If true, ID token is returned from IdP's authorization endpoint.
+    "token": True or False, # Do not use. The `token` response type is not supported at the moment.
+  },
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/ids_v1.projects.locations.endpoints.html b/docs/dyn/ids_v1.projects.locations.endpoints.html
index d584a10227d..66e9743e178 100644
--- a/docs/dyn/ids_v1.projects.locations.endpoints.html
+++ b/docs/dyn/ids_v1.projects.locations.endpoints.html
@@ -267,7 +267,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -367,7 +367,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -409,7 +409,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/index.md b/docs/dyn/index.md
index 38f6c8f574d..d4153fec2c6 100644
--- a/docs/dyn/index.md
+++ b/docs/dyn/index.md
@@ -257,10 +257,6 @@
 * [v1beta1](http://googleapis.github.io/google-api-python-client/docs/dyn/cloudidentity_v1beta1.html)
 
 
-## cloudiot
-* [v1](http://googleapis.github.io/google-api-python-client/docs/dyn/cloudiot_v1.html)
-
-
 ## cloudkms
 * [v1](http://googleapis.github.io/google-api-python-client/docs/dyn/cloudkms_v1.html)
 
@@ -628,6 +624,8 @@
 
 
 ## identitytoolkit
+* [v1](http://googleapis.github.io/google-api-python-client/docs/dyn/identitytoolkit_v1.html)
+* [v2](http://googleapis.github.io/google-api-python-client/docs/dyn/identitytoolkit_v2.html)
 * [v3](http://googleapis.github.io/google-api-python-client/docs/dyn/identitytoolkit_v3.html)
 
 
diff --git a/docs/dyn/managedidentities_v1.projects.locations.global_.domains.backups.html b/docs/dyn/managedidentities_v1.projects.locations.global_.domains.backups.html
index 052ff25005e..8a4931089fd 100644
--- a/docs/dyn/managedidentities_v1.projects.locations.global_.domains.backups.html
+++ b/docs/dyn/managedidentities_v1.projects.locations.global_.domains.backups.html
@@ -247,7 +247,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -381,7 +381,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -409,7 +409,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html b/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html
index 9840bfa3d03..deca6eb4f78 100644
--- a/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html
+++ b/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html
@@ -99,6 +99,9 @@ 
Instance Methods

 

   detachTrust(name, body=None, x__xgafv=None)

 
Removes an AD trust.

+

+  extendSchema(domain, body=None, x__xgafv=None)

+
Extend Schema for Domain

 

   get(name, x__xgafv=None)

 
Gets information about a domain.

@@ -368,6 +371,50 @@ 
Method Details

 }

 

 
+

+    extendSchema(domain, body=None, x__xgafv=None)
+  
Extend Schema for Domain
+
+Args:
+  domain: string, Required. The domain resource name using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # ExtendSchemaRequest is the request message for ExtendSchema method.
+  "description": "A String", # Required. Description for Schema Change.
+  "fileContents": "A String", # File uploaded as a byte stream input.
+  "gcsPath": "A String", # File stored in Cloud Storage bucket and represented in the form projects/{project_id}/buckets/{bucket_name}/objects/{object_name} File should be in the same project as the domain.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}

+

+
 

     get(name, x__xgafv=None)
   
Gets information about a domain.
@@ -445,7 +492,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -775,7 +822,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -803,7 +850,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html b/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html
index 518c257a5ab..23dc4fa7514 100644
--- a/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html
+++ b/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html
@@ -249,7 +249,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -385,7 +385,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -413,7 +413,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html
index e49895c9a16..fb8ed3f10b9 100644
--- a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html
+++ b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html
@@ -249,7 +249,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -385,7 +385,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -413,7 +413,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html
index f83197cabf1..0033ba74a9c 100644
--- a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html
+++ b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html
@@ -492,7 +492,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -833,7 +833,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -861,7 +861,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html
index 52e250c010c..4dc213cb00a 100644
--- a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html
+++ b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html
@@ -249,7 +249,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -385,7 +385,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -413,7 +413,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html
index 773bb1236b4..3e713d9c00a 100644
--- a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html
+++ b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html
@@ -249,7 +249,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -385,7 +385,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -413,7 +413,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html
index a7b3d52a94f..89f046e722e 100644
--- a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html
+++ b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html
@@ -492,7 +492,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -822,7 +822,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -850,7 +850,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html
index 0d48fd35586..579c0a34cc3 100644
--- a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html
+++ b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html
@@ -249,7 +249,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -385,7 +385,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -413,7 +413,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/ml_v1.projects.jobs.html b/docs/dyn/ml_v1.projects.jobs.html
index cd2e29c5691..c9dc31eedab 100644
--- a/docs/dyn/ml_v1.projects.jobs.html
+++ b/docs/dyn/ml_v1.projects.jobs.html
@@ -843,7 +843,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1581,7 +1581,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1623,7 +1623,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/ml_v1.projects.models.html b/docs/dyn/ml_v1.projects.models.html
index cbbce4b000b..b3968633868 100644
--- a/docs/dyn/ml_v1.projects.models.html
+++ b/docs/dyn/ml_v1.projects.models.html
@@ -505,7 +505,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -814,7 +814,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -856,7 +856,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/mybusinessverifications_v1.verificationTokens.html b/docs/dyn/mybusinessverifications_v1.verificationTokens.html
index 0e21c62787b..c4cf2a0ac72 100644
--- a/docs/dyn/mybusinessverifications_v1.verificationTokens.html
+++ b/docs/dyn/mybusinessverifications_v1.verificationTokens.html
@@ -95,7 +95,7 @@ 
Method Details

     The object takes the form of:
 
 { # Request message for Verifications.GenerateVerificationToken.
-  "location": { # A subset of location info. See the [help center article] (https://support.google.com/business/answer/3038177) for a detailed description of these fields, or the [category endpoint](/my-business/reference/rest/v4/categories) for a list of valid business categories. # Required. The target location.
+  "location": { # A subset of location info. See the [help center article] (https://support.google.com/business/answer/3038177) for a detailed description of these fields, or the [category endpoint](/my-business/reference/rest/v4/categories) for a list of valid business categories. # Required. The target location. Note: The location information should exactly match the target Location, otherwise the generated verification token won't be able to verify the target Location.
     "address": { # Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478 # Required. A precise, accurate address to describe your business location. PO boxes or mailboxes located at remote locations are not acceptable. At this time, you can specify a maximum of five `address_lines` values in the address.
       "addressLines": [ # Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas).
         "A String",
diff --git a/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html b/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html
index d569c484f4a..e5b983d8003 100644
--- a/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html
+++ b/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html
@@ -126,6 +126,9 @@ 
Method Details

   "createTime": "A String", # Output only. The time the test was created.
   "description": "A String", # The user-supplied description of the Connectivity Test. Maximum of 512 characters.
   "destination": { # Source or destination of the Connectivity Test. # Required. Destination specification of the Connectivity Test. You can use a combination of destination IP address, Compute Engine VM instance, or VPC network to uniquely identify the destination location. Even if the destination IP address is not unique, the source IP location is unique. Usually, the analysis can infer the destination endpoint from route information. If the destination you specify is a VM instance and the instance has multiple network interfaces, then you must also specify either a destination IP address or VPC network to identify the destination interface. A reachability analysis proceeds even if the destination location is ambiguous. However, the result can include endpoints that you don't intend to test.
+    "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+      "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+    },
     "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
     "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
     "instance": "A String", # A Compute Engine instance URI.
@@ -167,9 +170,18 @@ 
Method Details

           { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
             "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
               "cause": "A String", # Causes that the analysis is aborted.
+              "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                "A String",
+              ],
               "resourceUri": "A String", # URI of the resource that caused the abort.
             },
             "causesDrop": True or False, # This is a step that leads to the final state Drop.
+            "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
+              "displayName": "A String", # Name of a Cloud function.
+              "location": "A String", # Location in which the Cloud function is deployed.
+              "uri": "A String", # URI of a Cloud function.
+              "versionId": "A String", # Latest successfully deployed version id of the Cloud function.
+            },
             "cloudSqlInstance": { # For display only. Metadata associated with a Cloud SQL instance. # Display information of a Cloud SQL instance.
               "displayName": "A String", # Name of a Cloud SQL instance.
               "externalIp": "A String", # External IP address of a Cloud SQL instance.
@@ -282,6 +294,11 @@ 
Method Details

               "uri": "A String", # URI of a Compute Engine route. Dynamic route from cloud router does not have a URI. Advertised route from Google Cloud VPC to on-premises network also does not have a URI.
             },
             "state": "A String", # Each step is in one of the pre-defined states.
+            "vpcConnector": { # For display only. Metadata associated with a VPC connector. # Display information of a VPC connector.
+              "displayName": "A String", # Name of a VPC connector.
+              "location": "A String", # Location in which the VPC connector is deployed.
+              "uri": "A String", # URI of a VPC connector.
+            },
             "vpnGateway": { # For display only. Metadata associated with a Compute Engine VPN gateway. # Display information of a Compute Engine VPN gateway.
               "displayName": "A String", # Name of a VPN gateway.
               "ipAddress": "A String", # IP address of the VPN gateway.
@@ -311,6 +328,9 @@ 
Method Details

     "A String",
   ],
   "source": { # Source or destination of the Connectivity Test. # Required. Source specification of the Connectivity Test. You can use a combination of source IP address, virtual machine (VM) instance, or Compute Engine network to uniquely identify the source location. Examples: If the source IP address is an internal IP address within a Google Cloud Virtual Private Cloud (VPC) network, then you must also specify the VPC network. Otherwise, specify the VM instance, which already contains its internal IP address and VPC network information. If the source of the test is within an on-premises network, then you must provide the destination VPC network. If the source endpoint is a Compute Engine VM instance with multiple network interfaces, the instance itself is not sufficient to identify the endpoint. So, you must also specify the source IP address or VPC network. A reachability analysis proceeds even if the source location is ambiguous. However, the test result may include endpoints that you don't intend to test.
+    "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+      "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+    },
     "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
     "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
     "instance": "A String", # A Compute Engine instance URI.
@@ -406,6 +426,9 @@ 
Method Details

   "createTime": "A String", # Output only. The time the test was created.
   "description": "A String", # The user-supplied description of the Connectivity Test. Maximum of 512 characters.
   "destination": { # Source or destination of the Connectivity Test. # Required. Destination specification of the Connectivity Test. You can use a combination of destination IP address, Compute Engine VM instance, or VPC network to uniquely identify the destination location. Even if the destination IP address is not unique, the source IP location is unique. Usually, the analysis can infer the destination endpoint from route information. If the destination you specify is a VM instance and the instance has multiple network interfaces, then you must also specify either a destination IP address or VPC network to identify the destination interface. A reachability analysis proceeds even if the destination location is ambiguous. However, the result can include endpoints that you don't intend to test.
+    "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+      "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+    },
     "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
     "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
     "instance": "A String", # A Compute Engine instance URI.
@@ -447,9 +470,18 @@ 
Method Details

           { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
             "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
               "cause": "A String", # Causes that the analysis is aborted.
+              "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                "A String",
+              ],
               "resourceUri": "A String", # URI of the resource that caused the abort.
             },
             "causesDrop": True or False, # This is a step that leads to the final state Drop.
+            "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
+              "displayName": "A String", # Name of a Cloud function.
+              "location": "A String", # Location in which the Cloud function is deployed.
+              "uri": "A String", # URI of a Cloud function.
+              "versionId": "A String", # Latest successfully deployed version id of the Cloud function.
+            },
             "cloudSqlInstance": { # For display only. Metadata associated with a Cloud SQL instance. # Display information of a Cloud SQL instance.
               "displayName": "A String", # Name of a Cloud SQL instance.
               "externalIp": "A String", # External IP address of a Cloud SQL instance.
@@ -562,6 +594,11 @@ 
Method Details

               "uri": "A String", # URI of a Compute Engine route. Dynamic route from cloud router does not have a URI. Advertised route from Google Cloud VPC to on-premises network also does not have a URI.
             },
             "state": "A String", # Each step is in one of the pre-defined states.
+            "vpcConnector": { # For display only. Metadata associated with a VPC connector. # Display information of a VPC connector.
+              "displayName": "A String", # Name of a VPC connector.
+              "location": "A String", # Location in which the VPC connector is deployed.
+              "uri": "A String", # URI of a VPC connector.
+            },
             "vpnGateway": { # For display only. Metadata associated with a Compute Engine VPN gateway. # Display information of a Compute Engine VPN gateway.
               "displayName": "A String", # Name of a VPN gateway.
               "ipAddress": "A String", # IP address of the VPN gateway.
@@ -591,6 +628,9 @@ 
Method Details

     "A String",
   ],
   "source": { # Source or destination of the Connectivity Test. # Required. Source specification of the Connectivity Test. You can use a combination of source IP address, virtual machine (VM) instance, or Compute Engine network to uniquely identify the source location. Examples: If the source IP address is an internal IP address within a Google Cloud Virtual Private Cloud (VPC) network, then you must also specify the VPC network. Otherwise, specify the VM instance, which already contains its internal IP address and VPC network information. If the source of the test is within an on-premises network, then you must provide the destination VPC network. If the source endpoint is a Compute Engine VM instance with multiple network interfaces, the instance itself is not sufficient to identify the endpoint. So, you must also specify the source IP address or VPC network. A reachability analysis proceeds even if the source location is ambiguous. However, the test result may include endpoints that you don't intend to test.
+    "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+      "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+    },
     "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
     "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
     "instance": "A String", # A Compute Engine instance URI.
@@ -641,7 +681,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -677,6 +717,9 @@ 
Method Details

       "createTime": "A String", # Output only. The time the test was created.
       "description": "A String", # The user-supplied description of the Connectivity Test. Maximum of 512 characters.
       "destination": { # Source or destination of the Connectivity Test. # Required. Destination specification of the Connectivity Test. You can use a combination of destination IP address, Compute Engine VM instance, or VPC network to uniquely identify the destination location. Even if the destination IP address is not unique, the source IP location is unique. Usually, the analysis can infer the destination endpoint from route information. If the destination you specify is a VM instance and the instance has multiple network interfaces, then you must also specify either a destination IP address or VPC network to identify the destination interface. A reachability analysis proceeds even if the destination location is ambiguous. However, the result can include endpoints that you don't intend to test.
+        "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+          "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+        },
         "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
         "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
         "instance": "A String", # A Compute Engine instance URI.
@@ -718,9 +761,18 @@ 
Method Details

               { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
                 "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
                   "cause": "A String", # Causes that the analysis is aborted.
+                  "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                    "A String",
+                  ],
                   "resourceUri": "A String", # URI of the resource that caused the abort.
                 },
                 "causesDrop": True or False, # This is a step that leads to the final state Drop.
+                "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
+                  "displayName": "A String", # Name of a Cloud function.
+                  "location": "A String", # Location in which the Cloud function is deployed.
+                  "uri": "A String", # URI of a Cloud function.
+                  "versionId": "A String", # Latest successfully deployed version id of the Cloud function.
+                },
                 "cloudSqlInstance": { # For display only. Metadata associated with a Cloud SQL instance. # Display information of a Cloud SQL instance.
                   "displayName": "A String", # Name of a Cloud SQL instance.
                   "externalIp": "A String", # External IP address of a Cloud SQL instance.
@@ -833,6 +885,11 @@ 
Method Details

                   "uri": "A String", # URI of a Compute Engine route. Dynamic route from cloud router does not have a URI. Advertised route from Google Cloud VPC to on-premises network also does not have a URI.
                 },
                 "state": "A String", # Each step is in one of the pre-defined states.
+                "vpcConnector": { # For display only. Metadata associated with a VPC connector. # Display information of a VPC connector.
+                  "displayName": "A String", # Name of a VPC connector.
+                  "location": "A String", # Location in which the VPC connector is deployed.
+                  "uri": "A String", # URI of a VPC connector.
+                },
                 "vpnGateway": { # For display only. Metadata associated with a Compute Engine VPN gateway. # Display information of a Compute Engine VPN gateway.
                   "displayName": "A String", # Name of a VPN gateway.
                   "ipAddress": "A String", # IP address of the VPN gateway.
@@ -862,6 +919,9 @@ 
Method Details

         "A String",
       ],
       "source": { # Source or destination of the Connectivity Test. # Required. Source specification of the Connectivity Test. You can use a combination of source IP address, virtual machine (VM) instance, or Compute Engine network to uniquely identify the source location. Examples: If the source IP address is an internal IP address within a Google Cloud Virtual Private Cloud (VPC) network, then you must also specify the VPC network. Otherwise, specify the VM instance, which already contains its internal IP address and VPC network information. If the source of the test is within an on-premises network, then you must provide the destination VPC network. If the source endpoint is a Compute Engine VM instance with multiple network interfaces, the instance itself is not sufficient to identify the endpoint. So, you must also specify the source IP address or VPC network. A reachability analysis proceeds even if the source location is ambiguous. However, the test result may include endpoints that you don't intend to test.
+        "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+          "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+        },
         "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
         "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
         "instance": "A String", # A Compute Engine instance URI.
@@ -907,6 +967,9 @@ 
Method Details

   "createTime": "A String", # Output only. The time the test was created.
   "description": "A String", # The user-supplied description of the Connectivity Test. Maximum of 512 characters.
   "destination": { # Source or destination of the Connectivity Test. # Required. Destination specification of the Connectivity Test. You can use a combination of destination IP address, Compute Engine VM instance, or VPC network to uniquely identify the destination location. Even if the destination IP address is not unique, the source IP location is unique. Usually, the analysis can infer the destination endpoint from route information. If the destination you specify is a VM instance and the instance has multiple network interfaces, then you must also specify either a destination IP address or VPC network to identify the destination interface. A reachability analysis proceeds even if the destination location is ambiguous. However, the result can include endpoints that you don't intend to test.
+    "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+      "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+    },
     "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
     "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
     "instance": "A String", # A Compute Engine instance URI.
@@ -948,9 +1011,18 @@ 
Method Details

           { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
             "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
               "cause": "A String", # Causes that the analysis is aborted.
+              "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                "A String",
+              ],
               "resourceUri": "A String", # URI of the resource that caused the abort.
             },
             "causesDrop": True or False, # This is a step that leads to the final state Drop.
+            "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
+              "displayName": "A String", # Name of a Cloud function.
+              "location": "A String", # Location in which the Cloud function is deployed.
+              "uri": "A String", # URI of a Cloud function.
+              "versionId": "A String", # Latest successfully deployed version id of the Cloud function.
+            },
             "cloudSqlInstance": { # For display only. Metadata associated with a Cloud SQL instance. # Display information of a Cloud SQL instance.
               "displayName": "A String", # Name of a Cloud SQL instance.
               "externalIp": "A String", # External IP address of a Cloud SQL instance.
@@ -1063,6 +1135,11 @@ 
Method Details

               "uri": "A String", # URI of a Compute Engine route. Dynamic route from cloud router does not have a URI. Advertised route from Google Cloud VPC to on-premises network also does not have a URI.
             },
             "state": "A String", # Each step is in one of the pre-defined states.
+            "vpcConnector": { # For display only. Metadata associated with a VPC connector. # Display information of a VPC connector.
+              "displayName": "A String", # Name of a VPC connector.
+              "location": "A String", # Location in which the VPC connector is deployed.
+              "uri": "A String", # URI of a VPC connector.
+            },
             "vpnGateway": { # For display only. Metadata associated with a Compute Engine VPN gateway. # Display information of a Compute Engine VPN gateway.
               "displayName": "A String", # Name of a VPN gateway.
               "ipAddress": "A String", # IP address of the VPN gateway.
@@ -1092,6 +1169,9 @@ 
Method Details

     "A String",
   ],
   "source": { # Source or destination of the Connectivity Test. # Required. Source specification of the Connectivity Test. You can use a combination of source IP address, virtual machine (VM) instance, or Compute Engine network to uniquely identify the source location. Examples: If the source IP address is an internal IP address within a Google Cloud Virtual Private Cloud (VPC) network, then you must also specify the VPC network. Otherwise, specify the VM instance, which already contains its internal IP address and VPC network information. If the source of the test is within an on-premises network, then you must provide the destination VPC network. If the source endpoint is a Compute Engine VM instance with multiple network interfaces, the instance itself is not sufficient to identify the endpoint. So, you must also specify the source IP address or VPC network. A reachability analysis proceeds even if the source location is ambiguous. However, the test result may include endpoints that you don't intend to test.
+    "cloudFunction": { # Wrapper for cloud function attributes. # A [Cloud function](https://cloud.google.com/functions).
+      "uri": "A String", # A [Cloud function](https://cloud.google.com/functions) name.
+    },
     "cloudSqlInstance": "A String", # A [Cloud SQL](https://cloud.google.com/sql) instance URI.
     "gkeMasterCluster": "A String", # A cluster URI for [Google Kubernetes Engine master](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture).
     "instance": "A String", # A Compute Engine instance URI.
@@ -1207,7 +1287,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1249,7 +1329,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html b/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html
index 6d956ef621b..bea82bf6910 100644
--- a/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html
+++ b/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html
@@ -208,14 +208,11 @@ 
Method Details

           { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
             "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
               "cause": "A String", # Causes that the analysis is aborted.
+              "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                "A String",
+              ],
               "resourceUri": "A String", # URI of the resource that caused the abort.
             },
-            "appEngineVersion": { # For display only. Metadata associated with an App Engine version. # Display information of an App Engine service version.
-              "displayName": "A String", # Name of an App Engine version.
-              "environment": "A String", # App Engine execution environment for a version.
-              "runtime": "A String", # Runtime of the App Engine version.
-              "uri": "A String", # URI of an App Engine version.
-            },
             "causesDrop": True or False, # This is a step that leads to the final state Drop.
             "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
               "displayName": "A String", # Name of a Cloud function.
@@ -550,14 +547,11 @@ 
Method Details

           { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
             "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
               "cause": "A String", # Causes that the analysis is aborted.
+              "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                "A String",
+              ],
               "resourceUri": "A String", # URI of the resource that caused the abort.
             },
-            "appEngineVersion": { # For display only. Metadata associated with an App Engine version. # Display information of an App Engine service version.
-              "displayName": "A String", # Name of an App Engine version.
-              "environment": "A String", # App Engine execution environment for a version.
-              "runtime": "A String", # Runtime of the App Engine version.
-              "uri": "A String", # URI of an App Engine version.
-            },
             "causesDrop": True or False, # This is a step that leads to the final state Drop.
             "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
               "displayName": "A String", # Name of a Cloud function.
@@ -765,7 +759,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -883,14 +877,11 @@ 
Method Details

               { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
                 "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
                   "cause": "A String", # Causes that the analysis is aborted.
+                  "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                    "A String",
+                  ],
                   "resourceUri": "A String", # URI of the resource that caused the abort.
                 },
-                "appEngineVersion": { # For display only. Metadata associated with an App Engine version. # Display information of an App Engine service version.
-                  "displayName": "A String", # Name of an App Engine version.
-                  "environment": "A String", # App Engine execution environment for a version.
-                  "runtime": "A String", # Runtime of the App Engine version.
-                  "uri": "A String", # URI of an App Engine version.
-                },
                 "causesDrop": True or False, # This is a step that leads to the final state Drop.
                 "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
                   "displayName": "A String", # Name of a Cloud function.
@@ -1175,14 +1166,11 @@ 
Method Details

           { # A simulated forwarding path is composed of multiple steps. Each step has a well-defined state and an associated configuration.
             "abort": { # Details of the final state "abort" and associated resource. # Display information of the final state "abort" and reason.
               "cause": "A String", # Causes that the analysis is aborted.
+              "projectsMissingPermission": [ # List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.
+                "A String",
+              ],
               "resourceUri": "A String", # URI of the resource that caused the abort.
             },
-            "appEngineVersion": { # For display only. Metadata associated with an App Engine version. # Display information of an App Engine service version.
-              "displayName": "A String", # Name of an App Engine version.
-              "environment": "A String", # App Engine execution environment for a version.
-              "runtime": "A String", # Runtime of the App Engine version.
-              "uri": "A String", # URI of an App Engine version.
-            },
             "causesDrop": True or False, # This is a step that leads to the final state Drop.
             "cloudFunction": { # For display only. Metadata associated with a Cloud function. # Display information of a Cloud function.
               "displayName": "A String", # Name of a Cloud function.
@@ -1455,7 +1443,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -1497,7 +1485,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html b/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html
index 232a280825c..97d04fcfb62 100644
--- a/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html
+++ b/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html
@@ -129,7 +129,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -172,7 +172,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -214,7 +214,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html b/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html
index d6fdbfbd5bd..9e5a09f7d21 100644
--- a/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html
+++ b/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html
@@ -129,7 +129,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -172,7 +172,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -214,7 +214,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html b/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html
index 249cb480d97..fc1a08218b4 100644
--- a/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html
+++ b/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html
@@ -129,7 +129,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -172,7 +172,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -214,7 +214,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html b/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html
index e289e72b41c..1d1604bf7a8 100644
--- a/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html
+++ b/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html
@@ -296,7 +296,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -474,7 +474,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -516,7 +516,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1.projects.locations.gateways.html b/docs/dyn/networkservices_v1.projects.locations.gateways.html
index 815d0d5bbf2..f80acdd961c 100644
--- a/docs/dyn/networkservices_v1.projects.locations.gateways.html
+++ b/docs/dyn/networkservices_v1.projects.locations.gateways.html
@@ -270,7 +270,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -422,7 +422,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -464,7 +464,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1.projects.locations.meshes.html b/docs/dyn/networkservices_v1.projects.locations.meshes.html
index 63d3b270ee8..1dacc7ed2b3 100644
--- a/docs/dyn/networkservices_v1.projects.locations.meshes.html
+++ b/docs/dyn/networkservices_v1.projects.locations.meshes.html
@@ -260,7 +260,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -402,7 +402,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -444,7 +444,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1.projects.locations.serviceBindings.html b/docs/dyn/networkservices_v1.projects.locations.serviceBindings.html
index f15f81a012f..0567202525a 100644
--- a/docs/dyn/networkservices_v1.projects.locations.serviceBindings.html
+++ b/docs/dyn/networkservices_v1.projects.locations.serviceBindings.html
@@ -255,7 +255,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -345,7 +345,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -387,7 +387,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html b/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html
index 2655fe80200..908706397da 100644
--- a/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html
+++ b/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html
@@ -296,7 +296,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -474,7 +474,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -516,7 +516,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1beta1.projects.locations.gateways.html b/docs/dyn/networkservices_v1beta1.projects.locations.gateways.html
index 4815c009570..9d98a8e70d6 100644
--- a/docs/dyn/networkservices_v1beta1.projects.locations.gateways.html
+++ b/docs/dyn/networkservices_v1beta1.projects.locations.gateways.html
@@ -270,7 +270,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -422,7 +422,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -464,7 +464,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1beta1.projects.locations.meshes.html b/docs/dyn/networkservices_v1beta1.projects.locations.meshes.html
index bc67666ad18..15e358f2763 100644
--- a/docs/dyn/networkservices_v1beta1.projects.locations.meshes.html
+++ b/docs/dyn/networkservices_v1beta1.projects.locations.meshes.html
@@ -260,7 +260,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -402,7 +402,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -444,7 +444,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/networkservices_v1beta1.projects.locations.serviceBindings.html b/docs/dyn/networkservices_v1beta1.projects.locations.serviceBindings.html
index 6720fb89d45..ebcdb06fe2b 100644
--- a/docs/dyn/networkservices_v1beta1.projects.locations.serviceBindings.html
+++ b/docs/dyn/networkservices_v1beta1.projects.locations.serviceBindings.html
@@ -255,7 +255,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -345,7 +345,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -387,7 +387,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/orgpolicy_v2.organizations.customConstraints.html b/docs/dyn/orgpolicy_v2.organizations.customConstraints.html
index 0de61cb45c9..4653505c46f 100644
--- a/docs/dyn/orgpolicy_v2.organizations.customConstraints.html
+++ b/docs/dyn/orgpolicy_v2.organizations.customConstraints.html
@@ -77,6 +77,21 @@ 
Instance Methods

 

   close()

 
Close httplib2 connections.

+

+  create(parent, body=None, x__xgafv=None)

+
Creates a CustomConstraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the organization does not exist. Returns a `google.rpc.Status` with `google.rpc.Code.ALREADY_EXISTS` if the constraint already exists on the given organization.

+

+  delete(name, x__xgafv=None)

+
Deletes a Custom Constraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the constraint does not exist.

+

+  get(name, x__xgafv=None)

+
Gets a CustomConstraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the CustomConstraint does not exist.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
Retrieves all of the `CustomConstraints` that exist on a particular organization resource.

+

+  list_next()

+
Retrieves the next page of results.

 

   patch(name, body=None, x__xgafv=None)

 
Updates a Custom Constraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the constraint does not exist. Note: the supplied policy will perform a full overwrite of all fields.

@@ -86,6 +101,149 @@ 
Method Details

   
Close httplib2 connections.

 

 
+

+    create(parent, body=None, x__xgafv=None)
+  
Creates a CustomConstraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the organization does not exist. Returns a `google.rpc.Status` with `google.rpc.Code.ALREADY_EXISTS` if the constraint already exists on the given organization.
+
+Args:
+  parent: string, Required. Must be in the following form: * `organizations/{organization_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A custom constraint defined by customers which can *only* be applied to the given resource types and organization. By creating a custom constraint, customers can applied policies of this custom constraint. *Creating a custom constraint itself does NOT apply any policy enforcement*.
+  "actionType": "A String", # Allow or deny type.
+  "condition": "A String", # Org policy condition/expression. For example: `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, `resource.management.auto_upgrade == true`
+  "description": "A String", # Detailed information about this custom policy constraint.
+  "displayName": "A String", # One line display name for the UI.
+  "methodTypes": [ # All the operations being applied for this constraint.
+    "A String",
+  ],
+  "name": "A String", # Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"
+  "resourceTypes": [ # Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * `compute.googleapis.com/Instance`.
+    "A String",
+  ],
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A custom constraint defined by customers which can *only* be applied to the given resource types and organization. By creating a custom constraint, customers can applied policies of this custom constraint. *Creating a custom constraint itself does NOT apply any policy enforcement*.
+  "actionType": "A String", # Allow or deny type.
+  "condition": "A String", # Org policy condition/expression. For example: `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, `resource.management.auto_upgrade == true`
+  "description": "A String", # Detailed information about this custom policy constraint.
+  "displayName": "A String", # One line display name for the UI.
+  "methodTypes": [ # All the operations being applied for this constraint.
+    "A String",
+  ],
+  "name": "A String", # Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"
+  "resourceTypes": [ # Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * `compute.googleapis.com/Instance`.
+    "A String",
+  ],
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Deletes a Custom Constraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the constraint does not exist.
+
+Args:
+  name: string, Required. Name of the custom constraint to delete. See `CustomConstraint` for naming rules. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Gets a CustomConstraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the CustomConstraint does not exist.
+
+Args:
+  name: string, Required. Resource name of the custom constraint. See `CustomConstraint` for naming requirements. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A custom constraint defined by customers which can *only* be applied to the given resource types and organization. By creating a custom constraint, customers can applied policies of this custom constraint. *Creating a custom constraint itself does NOT apply any policy enforcement*.
+  "actionType": "A String", # Allow or deny type.
+  "condition": "A String", # Org policy condition/expression. For example: `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, `resource.management.auto_upgrade == true`
+  "description": "A String", # Detailed information about this custom policy constraint.
+  "displayName": "A String", # One line display name for the UI.
+  "methodTypes": [ # All the operations being applied for this constraint.
+    "A String",
+  ],
+  "name": "A String", # Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"
+  "resourceTypes": [ # Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * `compute.googleapis.com/Instance`.
+    "A String",
+  ],
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
Retrieves all of the `CustomConstraints` that exist on a particular organization resource.
+
+Args:
+  parent: string, Required. The target Cloud resource that parents the set of custom constraints that will be returned from this call. Must be in one of the following forms: * `organizations/{organization_id}` (required)
+  pageSize: integer, Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size.
+  pageToken: string, Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # The response returned from the ListCustomConstraints method. It will be empty if no `CustomConstraints` are set on the organization resource.
+  "customConstraints": [ # All `CustomConstraints` that exist on the organization resource. It will be empty if no `CustomConstraints` are set.
+    { # A custom constraint defined by customers which can *only* be applied to the given resource types and organization. By creating a custom constraint, customers can applied policies of this custom constraint. *Creating a custom constraint itself does NOT apply any policy enforcement*.
+      "actionType": "A String", # Allow or deny type.
+      "condition": "A String", # Org policy condition/expression. For example: `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, `resource.management.auto_upgrade == true`
+      "description": "A String", # Detailed information about this custom policy constraint.
+      "displayName": "A String", # One line display name for the UI.
+      "methodTypes": [ # All the operations being applied for this constraint.
+        "A String",
+      ],
+      "name": "A String", # Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"
+      "resourceTypes": [ # Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * `compute.googleapis.com/Instance`.
+        "A String",
+      ],
+    },
+  ],
+  "nextPageToken": "A String", # Page token used to retrieve the next page. This is currently not used, but the server may at any point start supplying a valid token.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
 

     patch(name, body=None, x__xgafv=None)
   
Updates a Custom Constraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the constraint does not exist. Note: the supplied policy will perform a full overwrite of all fields.
diff --git a/docs/dyn/orgpolicy_v2.organizations.html b/docs/dyn/orgpolicy_v2.organizations.html
index 4fb358d0f59..6858cca3a5f 100644
--- a/docs/dyn/orgpolicy_v2.organizations.html
+++ b/docs/dyn/orgpolicy_v2.organizations.html
@@ -79,6 +79,11 @@ 
Instance Methods

 

 
Returns the constraints Resource.

 
+

+  customConstraints()
+

+
Returns the customConstraints Resource.

+
 

   policies()
 

diff --git a/docs/dyn/playintegrity_v1.v1.html b/docs/dyn/playintegrity_v1.v1.html
index c0dc4852abc..65479be0e86 100644
--- a/docs/dyn/playintegrity_v1.v1.html
+++ b/docs/dyn/playintegrity_v1.v1.html
@@ -110,6 +110,9 @@ 
Method Details

     { # Response containing the decoded integrity payload.
   "tokenPayloadExternal": { # Contains basic app information and integrity signals like device attestation and licensing details. # Plain token payload generated from the decoded integrity token.
     "accountDetails": { # Contains the account information such as the licensing status for the user in the scope. # Required. Details about the Play Store account.
+      "accountRiskVerdict": { # Contains information about account risk that indicates if the current user session seems low risk, unknown, or risky before you allow important actions to proceed. # Details about the account risk for the user in the scope. This feature is available only to selected developers.
+        "riskLevel": "A String", # Required. Indicates the account risk level of the current user session.
+      },
       "appLicensingVerdict": "A String", # Required. Details about the licensing status of the user for the app in the scope.
     },
     "appIntegrity": { # Contains the application integrity information. # Required. Details about the application integrity.
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.attributesConfig.html b/docs/dyn/retail_v2.projects.locations.catalogs.attributesConfig.html
index f7f3cc1ba63..297c1aab480 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.attributesConfig.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.attributesConfig.html
@@ -83,6 +83,9 @@ 
Instance Methods

 

   removeCatalogAttribute(attributesConfig, body=None, x__xgafv=None)

 
Removes the specified CatalogAttribute from the AttributesConfig. If the CatalogAttribute to remove does not exist, a NOT_FOUND error is returned.

+

+  replaceCatalogAttribute(attributesConfig, body=None, x__xgafv=None)

+
Replaces the specified CatalogAttribute in the AttributesConfig by updating the catalog attribute with the same CatalogAttribute.key. If the CatalogAttribute to replace does not exist, a NOT_FOUND error is returned.

 
Method Details

 

     addCatalogAttribute(attributesConfig, body=None, x__xgafv=None)
@@ -170,4 +173,49 @@ 
Method Details

 }

 

 
+

+    replaceCatalogAttribute(attributesConfig, body=None, x__xgafv=None)
+  
Replaces the specified CatalogAttribute in the AttributesConfig by updating the catalog attribute with the same CatalogAttribute.key. If the CatalogAttribute to replace does not exist, a NOT_FOUND error is returned.
+
+Args:
+  attributesConfig: string, Required. Full AttributesConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/attributesConfig` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request for CatalogService.ReplaceCatalogAttribute method.
+  "catalogAttribute": { # Catalog level attribute config for an attribute. For example, if customers want to enable/disable facet for a specific attribute. # Required. The updated CatalogAttribute.
+    "dynamicFacetableOption": "A String", # If DYNAMIC_FACETABLE_ENABLED, attribute values are available for dynamic facet. Could only be DYNAMIC_FACETABLE_DISABLED if CatalogAttribute.indexable_option is INDEXABLE_DISABLED. Otherwise, an INVALID_ARGUMENT error is returned.
+    "inUse": True or False, # Output only. Indicates whether this attribute has been used by any products. `True` if at least one Product is using this attribute in Product.attributes. Otherwise, this field is `False`. CatalogAttribute can be pre-loaded by using CatalogService.AddCatalogAttribute, CatalogService.ImportCatalogAttributes, or CatalogService.UpdateAttributesConfig APIs. This field is `False` for pre-loaded CatalogAttributes. Only pre-loaded CatalogAttributes that are neither in use by products nor predefined can be deleted. CatalogAttributes that are either in use by products or are predefined cannot be deleted; however, their configuration properties will reset to default values upon removal request. After catalog changes, it takes about 10 minutes for this field to update.
+    "indexableOption": "A String", # When AttributesConfig.attribute_config_level is CATALOG_LEVEL_ATTRIBUTE_CONFIG, if INDEXABLE_ENABLED attribute values are indexed so that it can be filtered, faceted, or boosted in SearchService.Search.
+    "key": "A String", # Required. Attribute name. For example: `color`, `brands`, `attributes.custom_attribute`, such as `attributes.xyz`. To be indexable, the attribute name can contain only alpha-numeric characters and underscores. For example, an attribute named `attributes.abc_xyz` can be indexed, but an attribute named `attributes.abc-xyz` cannot be indexed.
+    "searchableOption": "A String", # When AttributesConfig.attribute_config_level is CATALOG_LEVEL_ATTRIBUTE_CONFIG, if SEARCHABLE_ENABLED, attribute values are searchable by text queries in SearchService.Search. If SEARCHABLE_ENABLED but attribute type is numerical, attribute values will not be searchable by text queries in SearchService.Search, as there are no text values associated to numerical attributes.
+    "type": "A String", # Output only. The type of this attribute. This is derived from the attribute in Product.attributes.
+  },
+  "updateMask": "A String", # Indicates which fields in the provided CatalogAttribute to update. The following are NOT supported: * CatalogAttribute.key If not set, all supported fields are updated.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Catalog level attribute config.
+  "attributeConfigLevel": "A String", # Output only. The AttributeConfigLevel used for this catalog.
+  "catalogAttributes": { # Enable attribute(s) config at catalog level. For example, indexable, dynamic_facetable, or searchable for each attribute. The key is catalog attribute's name. For example: `color`, `brands`, `attributes.custom_attribute`, such as `attributes.xyz`. The maximum number of catalog attributes allowed in a request is 1000.
+    "a_key": { # Catalog level attribute config for an attribute. For example, if customers want to enable/disable facet for a specific attribute.
+      "dynamicFacetableOption": "A String", # If DYNAMIC_FACETABLE_ENABLED, attribute values are available for dynamic facet. Could only be DYNAMIC_FACETABLE_DISABLED if CatalogAttribute.indexable_option is INDEXABLE_DISABLED. Otherwise, an INVALID_ARGUMENT error is returned.
+      "inUse": True or False, # Output only. Indicates whether this attribute has been used by any products. `True` if at least one Product is using this attribute in Product.attributes. Otherwise, this field is `False`. CatalogAttribute can be pre-loaded by using CatalogService.AddCatalogAttribute, CatalogService.ImportCatalogAttributes, or CatalogService.UpdateAttributesConfig APIs. This field is `False` for pre-loaded CatalogAttributes. Only pre-loaded CatalogAttributes that are neither in use by products nor predefined can be deleted. CatalogAttributes that are either in use by products or are predefined cannot be deleted; however, their configuration properties will reset to default values upon removal request. After catalog changes, it takes about 10 minutes for this field to update.
+      "indexableOption": "A String", # When AttributesConfig.attribute_config_level is CATALOG_LEVEL_ATTRIBUTE_CONFIG, if INDEXABLE_ENABLED attribute values are indexed so that it can be filtered, faceted, or boosted in SearchService.Search.
+      "key": "A String", # Required. Attribute name. For example: `color`, `brands`, `attributes.custom_attribute`, such as `attributes.xyz`. To be indexable, the attribute name can contain only alpha-numeric characters and underscores. For example, an attribute named `attributes.abc_xyz` can be indexed, but an attribute named `attributes.abc-xyz` cannot be indexed.
+      "searchableOption": "A String", # When AttributesConfig.attribute_config_level is CATALOG_LEVEL_ATTRIBUTE_CONFIG, if SEARCHABLE_ENABLED, attribute values are searchable by text queries in SearchService.Search. If SEARCHABLE_ENABLED but attribute type is numerical, attribute values will not be searchable by text queries in SearchService.Search, as there are no text values associated to numerical attributes.
+      "type": "A String", # Output only. The type of this attribute. This is derived from the attribute in Product.attributes.
+    },
+  },
+  "name": "A String", # Required. Immutable. The fully qualified resource name of the attribute config. Format: `projects/*/locations/*/catalogs/*/attributesConfig`
+}

+

+
 
\ No newline at end of file
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.branches.products.html b/docs/dyn/retail_v2.projects.locations.catalogs.branches.products.html
index c220e41cca9..42447e1d93b 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.branches.products.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.branches.products.html
@@ -76,10 +76,10 @@ 
Retail API . 
 
Instance Methods

 

   addFulfillmentPlaces(product, body=None, x__xgafv=None)

-
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   addLocalInventories(product, body=None, x__xgafv=None)

-
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   close()

 
Close httplib2 connections.

@@ -106,17 +106,17 @@ 
Instance Methods

 
Updates a Product.

 

   removeFulfillmentPlaces(product, body=None, x__xgafv=None)

-
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   removeLocalInventories(product, body=None, x__xgafv=None)

-
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   setInventory(name, body=None, x__xgafv=None)

-
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 
Method Details

 

     addFulfillmentPlaces(product, body=None, x__xgafv=None)
-  
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -163,7 +163,7 @@ 
Method Details

 
 

     addLocalInventories(product, body=None, x__xgafv=None)
-  
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -288,7 +288,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -325,6 +325,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -420,7 +462,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -457,6 +499,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -576,7 +660,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -613,6 +697,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -684,7 +810,7 @@ 
Method Details

 
 { # Request message for Import methods.
   "errorsConfig": { # Configuration of destination for Import related errors. # The desired location of errors incurred during the Import.
-    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
+    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
   },
   "inputConfig": { # The input config source for products. # Required. The desired input location of the data.
     "bigQuerySource": { # BigQuery source import data from. # BigQuery input source.
@@ -699,8 +825,8 @@ 
Method Details

       "projectId": "A String", # The project ID (can be project # or ID) that the BigQuery source is in with a length limit of 128 characters. If not specified, inherits the project ID from the parent request.
       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
-    "gcsSource": { # Google Cloud Storage location for input content. format. # Google Cloud Storage location for the input content.
-      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.
+    "gcsSource": { # Google Cloud Storage location for input content. # Google Cloud Storage location for the input content.
+      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.
       "inputUris": [ # Required. Google Cloud Storage URIs to input files. URI can be up to 2000 characters long. URIs can match the full object path (for example, `gs://bucket/directory/object.json`) or a pattern matching one or more files, such as `gs://bucket/directory/*.json`. A request can contain at most 100 files, and each file can be up to 2 GB. See [Importing product information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) for the expected file format and setup instructions.
         "A String",
       ],
@@ -734,7 +860,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -771,6 +897,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -832,10 +1000,10 @@ 
Method Details

       ],
     },
   },
-  "notificationPubsubTopic": "A String", # Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.
+  "notificationPubsubTopic": "A String", # Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.
   "reconciliationMode": "A String", # The mode of reconciliation between existing products and the products to be imported. Defaults to ReconciliationMode.INCREMENTAL.
   "requestId": "A String", # Deprecated. This field has no effect.
-  "updateMask": "A String", # Indicates which fields in the provided imported 'products' to update. If not set, will by default update all fields.
+  "updateMask": "A String", # Indicates which fields in the provided imported `products` to update. If not set, all fields are updated.
 }
 
   x__xgafv: string, V1 error format.
@@ -915,7 +1083,7 @@ 
Method Details

       "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
         "A String",
       ],
-      "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+      "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
         "A String",
       ],
       "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -952,6 +1120,48 @@ 
Method Details

         },
       ],
       "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+      "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+        { # The inventory information at a place (e.g. a store) identified by a place ID.
+          "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+            "a_key": { # A custom attribute that is not explicitly modeled in Product.
+              "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+              "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                3.14,
+              ],
+              "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+              "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+            },
+          },
+          "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+          "placeId": "A String", # The place ID for the current set of inventory information.
+          "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+            "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+            "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+            "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+            "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+            "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+            "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+            "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+              "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                "maximum": 3.14, # Inclusive upper bound.
+                "minimum": 3.14, # Inclusive lower bound.
+              },
+              "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                "maximum": 3.14, # Inclusive upper bound.
+                "minimum": 3.14, # Inclusive lower bound.
+              },
+            },
+          },
+        },
+      ],
       "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
         "A String",
       ],
@@ -1064,7 +1274,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1101,6 +1311,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -1197,7 +1449,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1234,6 +1486,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -1296,7 +1590,7 @@ 
Method Details

 
 

     removeFulfillmentPlaces(product, body=None, x__xgafv=None)
-  
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -1343,7 +1637,7 @@ 
Method Details

 
 

     removeLocalInventories(product, body=None, x__xgafv=None)
-  
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -1389,7 +1683,7 @@ 
Method Details

 
 

     setInventory(name, body=None, x__xgafv=None)
-  
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   name: string, Immutable. Full resource name of the product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/product_id`. (required)
@@ -1425,7 +1719,7 @@ 
Method Details

     "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
       "A String",
     ],
-    "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+    "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
       "A String",
     ],
     "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1462,6 +1756,48 @@ 
Method Details

       },
     ],
     "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+    "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+      { # The inventory information at a place (e.g. a store) identified by a place ID.
+        "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+          "a_key": { # A custom attribute that is not explicitly modeled in Product.
+            "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+            "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+              3.14,
+            ],
+            "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+            "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+          },
+        },
+        "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+          "A String",
+        ],
+        "placeId": "A String", # The place ID for the current set of inventory information.
+        "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+          "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+          "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+          "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+          "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+          "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+          "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+          "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+            "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+              "exclusiveMaximum": 3.14, # Exclusive upper bound.
+              "exclusiveMinimum": 3.14, # Exclusive lower bound.
+              "maximum": 3.14, # Inclusive upper bound.
+              "minimum": 3.14, # Inclusive lower bound.
+            },
+            "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+              "exclusiveMaximum": 3.14, # Exclusive upper bound.
+              "exclusiveMinimum": 3.14, # Exclusive lower bound.
+              "maximum": 3.14, # Inclusive upper bound.
+              "minimum": 3.14, # Inclusive lower bound.
+            },
+          },
+        },
+      },
+    ],
     "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
       "A String",
     ],
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.completionData.html b/docs/dyn/retail_v2.projects.locations.catalogs.completionData.html
index cc977c77130..2d5efc8361f 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.completionData.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.completionData.html
@@ -79,7 +79,7 @@ 
Instance Methods

 
Close httplib2 connections.

 

   import_(parent, body=None, x__xgafv=None)

-
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 
Method Details

 

     close()
@@ -88,7 +88,7 @@ 
Method Details

 
 

     import_(parent, body=None, x__xgafv=None)
-  
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   parent: string, Required. The catalog which the suggestions dataset belongs to. Format: `projects/1234/locations/global/catalogs/default_catalog`. (required)
@@ -110,7 +110,7 @@ 
Method Details

       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
   },
-  "notificationPubsubTopic": "A String", # Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.
+  "notificationPubsubTopic": "A String", # Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.
 }
 
   x__xgafv: string, V1 error format.
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.controls.html b/docs/dyn/retail_v2.projects.locations.catalogs.controls.html
new file mode 100644
index 00000000000..f35bc486ace
--- /dev/null
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.controls.html
@@ -0,0 +1,686 @@
+
+
+
+
Retail API . projects . locations . catalogs . controls

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, controlId=None, x__xgafv=None)

+
Creates a Control. If the Control to create already exists, an ALREADY_EXISTS error is returned.

+

+  delete(name, x__xgafv=None)

+
Deletes a Control. If the Control to delete does not exist, a NOT_FOUND error is returned.

+

+  get(name, x__xgafv=None)

+
Gets a Control.

+

+  list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)

+
Lists all Controls by their parent Catalog.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, controlId=None, x__xgafv=None)
+  
Creates a Control. If the Control to create already exists, an ALREADY_EXISTS error is returned.
+
+Args:
+  parent: string, Required. Full resource name of parent catalog. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+    "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
+      "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
+      "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "condition": { # Metadata that is used to define a condition that triggers an action. A valid condition must specify at least one of 'query_terms' or 'products_filter'. If multiple fields are specified, the condition is met if all the fields are satisfied e.g. if a set of query terms and product_filter are set, then only items matching the product_filter for requests with a query matching the query terms wil get boosted. # Required. The condition that triggers the rule. If the condition is empty, the rule will always apply.
+      "activeTimeRange": [ # Range of time(s) specifying when Condition is active. Condition true if any time range matches.
+        { # Used for time-dependent conditions. Example: Want to have rule applied for week long sale.
+          "endTime": "A String", # End of time range. Range is inclusive.
+          "startTime": "A String", # Start of time range. Range is inclusive.
+        },
+      ],
+      "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
+        { # Query terms that we want to match on.
+          "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
+        },
+      ],
+    },
+    "doNotAssociateAction": { # Prevents `query_term` from being associated with specified terms during search. Example: Don't associate "gShoe" and "cheap". # Prevents term from being associated with other terms.
+      "doNotAssociateTerms": [ # Cannot contain duplicates or the query term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will not consider do_not_associate_terms for search if in search query. Can specify up to 100 terms.
+        "A String",
+      ],
+      "terms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+    },
+    "filterAction": { # * Rule Condition: - No Condition.query_terms provided is a global match. - 1 or more Condition.query_terms provided are combined with OR operator. * Action Input: The request query and filter that are applied to the retrieved products, in addition to any filters already provided with the SearchRequest. The AND operator is used to combine the query's existing filters with the filter rule(s). NOTE: May result in 0 results when filters conflict. * Action Result: Filters the returned objects to be ONLY those that passed the filter. # Filters results.
+      "filter": "A String", # A filter to apply on the matching condition results. Supported features: * filter must be set. * Filter syntax is identical to SearchRequest.filter. See more details at the Retail Search [user guide](/retail/search/docs/filter-and-order#filter). * To filter products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "ignoreAction": { # Prevents a term in the query from being used in search. Example: Don't search for "shoddy". # Ignores specific terms from query during search.
+      "ignoreTerms": [ # Terms to ignore in the search query.
+        "A String",
+      ],
+    },
+    "onewaySynonymsAction": { # Maps a set of terms to a set of synonyms. Set of synonyms will be treated as synonyms of each query term only. `query_terms` will not be treated as synonyms of each other. Example: "sneakers" will use a synonym of "shoes". "shoes" will not use a synonym of "sneakers". # Treats specific term as a synonym with a group of terms. Group of terms will not be treated as synonyms with the specific term.
+      "onewayTerms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will treat synonyms as their synonyms. Not themselves synonyms of the synonyms. Can specify up to 100 terms.
+        "A String",
+      ],
+      "synonyms": [ # Defines a set of synonyms. Cannot contain duplicates. Can specify up to 100 synonyms.
+        "A String",
+      ],
+    },
+    "redirectAction": { # Redirects a shopper to a specific page. * Rule Condition: - Must specify Condition.query_terms. * Action Input: Request Query * Action Result: Redirects shopper to provided uri. # Redirects a shopper to a specific page.
+      "redirectUri": "A String", # URL must have length equal or less than 2000 characters.
+    },
+    "replacementAction": { # Replaces a term in the query. Multiple replacement candidates can be specified. All `query_terms` will be replaced with the replacement term. Example: Replace "gShoe" with "google shoe". # Replaces specific terms in the query.
+      "queryTerms": [ # Terms from the search query. Will be replaced by replacement term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "replacementTerm": "A String", # Term that will be used for replacement.
+      "term": "A String", # Will be [deprecated = true] post migration;
+    },
+    "twowaySynonymsAction": { # Creates a set of terms that will be treated as synonyms of each other. Example: synonyms of "sneakers" and "shoes". * "sneakers" will use a synonym of "shoes". * "shoes" will use a synonym of "sneakers". # Treats a set of terms as synonyms of one another.
+      "synonyms": [ # Defines a set of synonyms. Can specify up to 100 synonyms. Must specify at least 2 synonyms.
+        "A String",
+      ],
+    },
+  },
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}
+
+  controlId: string, Required. The ID to use for the Control, which will become the final component of the Control's resource name. This value should be 4-63 characters, and valid characters are /a-z-_/.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+    "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
+      "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
+      "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "condition": { # Metadata that is used to define a condition that triggers an action. A valid condition must specify at least one of 'query_terms' or 'products_filter'. If multiple fields are specified, the condition is met if all the fields are satisfied e.g. if a set of query terms and product_filter are set, then only items matching the product_filter for requests with a query matching the query terms wil get boosted. # Required. The condition that triggers the rule. If the condition is empty, the rule will always apply.
+      "activeTimeRange": [ # Range of time(s) specifying when Condition is active. Condition true if any time range matches.
+        { # Used for time-dependent conditions. Example: Want to have rule applied for week long sale.
+          "endTime": "A String", # End of time range. Range is inclusive.
+          "startTime": "A String", # Start of time range. Range is inclusive.
+        },
+      ],
+      "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
+        { # Query terms that we want to match on.
+          "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
+        },
+      ],
+    },
+    "doNotAssociateAction": { # Prevents `query_term` from being associated with specified terms during search. Example: Don't associate "gShoe" and "cheap". # Prevents term from being associated with other terms.
+      "doNotAssociateTerms": [ # Cannot contain duplicates or the query term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will not consider do_not_associate_terms for search if in search query. Can specify up to 100 terms.
+        "A String",
+      ],
+      "terms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+    },
+    "filterAction": { # * Rule Condition: - No Condition.query_terms provided is a global match. - 1 or more Condition.query_terms provided are combined with OR operator. * Action Input: The request query and filter that are applied to the retrieved products, in addition to any filters already provided with the SearchRequest. The AND operator is used to combine the query's existing filters with the filter rule(s). NOTE: May result in 0 results when filters conflict. * Action Result: Filters the returned objects to be ONLY those that passed the filter. # Filters results.
+      "filter": "A String", # A filter to apply on the matching condition results. Supported features: * filter must be set. * Filter syntax is identical to SearchRequest.filter. See more details at the Retail Search [user guide](/retail/search/docs/filter-and-order#filter). * To filter products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "ignoreAction": { # Prevents a term in the query from being used in search. Example: Don't search for "shoddy". # Ignores specific terms from query during search.
+      "ignoreTerms": [ # Terms to ignore in the search query.
+        "A String",
+      ],
+    },
+    "onewaySynonymsAction": { # Maps a set of terms to a set of synonyms. Set of synonyms will be treated as synonyms of each query term only. `query_terms` will not be treated as synonyms of each other. Example: "sneakers" will use a synonym of "shoes". "shoes" will not use a synonym of "sneakers". # Treats specific term as a synonym with a group of terms. Group of terms will not be treated as synonyms with the specific term.
+      "onewayTerms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will treat synonyms as their synonyms. Not themselves synonyms of the synonyms. Can specify up to 100 terms.
+        "A String",
+      ],
+      "synonyms": [ # Defines a set of synonyms. Cannot contain duplicates. Can specify up to 100 synonyms.
+        "A String",
+      ],
+    },
+    "redirectAction": { # Redirects a shopper to a specific page. * Rule Condition: - Must specify Condition.query_terms. * Action Input: Request Query * Action Result: Redirects shopper to provided uri. # Redirects a shopper to a specific page.
+      "redirectUri": "A String", # URL must have length equal or less than 2000 characters.
+    },
+    "replacementAction": { # Replaces a term in the query. Multiple replacement candidates can be specified. All `query_terms` will be replaced with the replacement term. Example: Replace "gShoe" with "google shoe". # Replaces specific terms in the query.
+      "queryTerms": [ # Terms from the search query. Will be replaced by replacement term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "replacementTerm": "A String", # Term that will be used for replacement.
+      "term": "A String", # Will be [deprecated = true] post migration;
+    },
+    "twowaySynonymsAction": { # Creates a set of terms that will be treated as synonyms of each other. Example: synonyms of "sneakers" and "shoes". * "sneakers" will use a synonym of "shoes". * "shoes" will use a synonym of "sneakers". # Treats a set of terms as synonyms of one another.
+      "synonyms": [ # Defines a set of synonyms. Can specify up to 100 synonyms. Must specify at least 2 synonyms.
+        "A String",
+      ],
+    },
+  },
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Deletes a Control. If the Control to delete does not exist, a NOT_FOUND error is returned.
+
+Args:
+  name: string, Required. The resource name of the Control to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Gets a Control.
+
+Args:
+  name: string, Required. The resource name of the Control to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+    "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
+      "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
+      "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "condition": { # Metadata that is used to define a condition that triggers an action. A valid condition must specify at least one of 'query_terms' or 'products_filter'. If multiple fields are specified, the condition is met if all the fields are satisfied e.g. if a set of query terms and product_filter are set, then only items matching the product_filter for requests with a query matching the query terms wil get boosted. # Required. The condition that triggers the rule. If the condition is empty, the rule will always apply.
+      "activeTimeRange": [ # Range of time(s) specifying when Condition is active. Condition true if any time range matches.
+        { # Used for time-dependent conditions. Example: Want to have rule applied for week long sale.
+          "endTime": "A String", # End of time range. Range is inclusive.
+          "startTime": "A String", # Start of time range. Range is inclusive.
+        },
+      ],
+      "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
+        { # Query terms that we want to match on.
+          "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
+        },
+      ],
+    },
+    "doNotAssociateAction": { # Prevents `query_term` from being associated with specified terms during search. Example: Don't associate "gShoe" and "cheap". # Prevents term from being associated with other terms.
+      "doNotAssociateTerms": [ # Cannot contain duplicates or the query term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will not consider do_not_associate_terms for search if in search query. Can specify up to 100 terms.
+        "A String",
+      ],
+      "terms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+    },
+    "filterAction": { # * Rule Condition: - No Condition.query_terms provided is a global match. - 1 or more Condition.query_terms provided are combined with OR operator. * Action Input: The request query and filter that are applied to the retrieved products, in addition to any filters already provided with the SearchRequest. The AND operator is used to combine the query's existing filters with the filter rule(s). NOTE: May result in 0 results when filters conflict. * Action Result: Filters the returned objects to be ONLY those that passed the filter. # Filters results.
+      "filter": "A String", # A filter to apply on the matching condition results. Supported features: * filter must be set. * Filter syntax is identical to SearchRequest.filter. See more details at the Retail Search [user guide](/retail/search/docs/filter-and-order#filter). * To filter products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "ignoreAction": { # Prevents a term in the query from being used in search. Example: Don't search for "shoddy". # Ignores specific terms from query during search.
+      "ignoreTerms": [ # Terms to ignore in the search query.
+        "A String",
+      ],
+    },
+    "onewaySynonymsAction": { # Maps a set of terms to a set of synonyms. Set of synonyms will be treated as synonyms of each query term only. `query_terms` will not be treated as synonyms of each other. Example: "sneakers" will use a synonym of "shoes". "shoes" will not use a synonym of "sneakers". # Treats specific term as a synonym with a group of terms. Group of terms will not be treated as synonyms with the specific term.
+      "onewayTerms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will treat synonyms as their synonyms. Not themselves synonyms of the synonyms. Can specify up to 100 terms.
+        "A String",
+      ],
+      "synonyms": [ # Defines a set of synonyms. Cannot contain duplicates. Can specify up to 100 synonyms.
+        "A String",
+      ],
+    },
+    "redirectAction": { # Redirects a shopper to a specific page. * Rule Condition: - Must specify Condition.query_terms. * Action Input: Request Query * Action Result: Redirects shopper to provided uri. # Redirects a shopper to a specific page.
+      "redirectUri": "A String", # URL must have length equal or less than 2000 characters.
+    },
+    "replacementAction": { # Replaces a term in the query. Multiple replacement candidates can be specified. All `query_terms` will be replaced with the replacement term. Example: Replace "gShoe" with "google shoe". # Replaces specific terms in the query.
+      "queryTerms": [ # Terms from the search query. Will be replaced by replacement term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "replacementTerm": "A String", # Term that will be used for replacement.
+      "term": "A String", # Will be [deprecated = true] post migration;
+    },
+    "twowaySynonymsAction": { # Creates a set of terms that will be treated as synonyms of each other. Example: synonyms of "sneakers" and "shoes". * "sneakers" will use a synonym of "shoes". * "shoes" will use a synonym of "sneakers". # Treats a set of terms as synonyms of one another.
+      "synonyms": [ # Defines a set of synonyms. Can specify up to 100 synonyms. Must specify at least 2 synonyms.
+        "A String",
+      ],
+    },
+  },
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
+

+    list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)
+  
Lists all Controls by their parent Catalog.
+
+Args:
+  parent: string, Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
+  filter: string, Optional. A filter to apply on the list results. Supported features: * List all the products under the parent branch if filter is unset. * List controls that are used in a single ServingConfig: 'serving_config = "boosted_home_page_cvr"'
+  pageSize: integer, Optional. Maximum number of results to return. If unspecified, defaults to 50. Max allowed value is 1000.
+  pageToken: string, Optional. A page token, received from a previous `ListControls` call. Provide this to retrieve the subsequent page.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for ListControls method.
+  "controls": [ # All the Controls for a given catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+      "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
+        "A String",
+      ],
+      "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
+      "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
+      "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+        "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
+          "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
+          "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+        },
+        "condition": { # Metadata that is used to define a condition that triggers an action. A valid condition must specify at least one of 'query_terms' or 'products_filter'. If multiple fields are specified, the condition is met if all the fields are satisfied e.g. if a set of query terms and product_filter are set, then only items matching the product_filter for requests with a query matching the query terms wil get boosted. # Required. The condition that triggers the rule. If the condition is empty, the rule will always apply.
+          "activeTimeRange": [ # Range of time(s) specifying when Condition is active. Condition true if any time range matches.
+            { # Used for time-dependent conditions. Example: Want to have rule applied for week long sale.
+              "endTime": "A String", # End of time range. Range is inclusive.
+              "startTime": "A String", # Start of time range. Range is inclusive.
+            },
+          ],
+          "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
+            { # Query terms that we want to match on.
+              "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
+              "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
+            },
+          ],
+        },
+        "doNotAssociateAction": { # Prevents `query_term` from being associated with specified terms during search. Example: Don't associate "gShoe" and "cheap". # Prevents term from being associated with other terms.
+          "doNotAssociateTerms": [ # Cannot contain duplicates or the query term. Can specify up to 100 terms.
+            "A String",
+          ],
+          "queryTerms": [ # Terms from the search query. Will not consider do_not_associate_terms for search if in search query. Can specify up to 100 terms.
+            "A String",
+          ],
+          "terms": [ # Will be [deprecated = true] post migration;
+            "A String",
+          ],
+        },
+        "filterAction": { # * Rule Condition: - No Condition.query_terms provided is a global match. - 1 or more Condition.query_terms provided are combined with OR operator. * Action Input: The request query and filter that are applied to the retrieved products, in addition to any filters already provided with the SearchRequest. The AND operator is used to combine the query's existing filters with the filter rule(s). NOTE: May result in 0 results when filters conflict. * Action Result: Filters the returned objects to be ONLY those that passed the filter. # Filters results.
+          "filter": "A String", # A filter to apply on the matching condition results. Supported features: * filter must be set. * Filter syntax is identical to SearchRequest.filter. See more details at the Retail Search [user guide](/retail/search/docs/filter-and-order#filter). * To filter products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+        },
+        "ignoreAction": { # Prevents a term in the query from being used in search. Example: Don't search for "shoddy". # Ignores specific terms from query during search.
+          "ignoreTerms": [ # Terms to ignore in the search query.
+            "A String",
+          ],
+        },
+        "onewaySynonymsAction": { # Maps a set of terms to a set of synonyms. Set of synonyms will be treated as synonyms of each query term only. `query_terms` will not be treated as synonyms of each other. Example: "sneakers" will use a synonym of "shoes". "shoes" will not use a synonym of "sneakers". # Treats specific term as a synonym with a group of terms. Group of terms will not be treated as synonyms with the specific term.
+          "onewayTerms": [ # Will be [deprecated = true] post migration;
+            "A String",
+          ],
+          "queryTerms": [ # Terms from the search query. Will treat synonyms as their synonyms. Not themselves synonyms of the synonyms. Can specify up to 100 terms.
+            "A String",
+          ],
+          "synonyms": [ # Defines a set of synonyms. Cannot contain duplicates. Can specify up to 100 synonyms.
+            "A String",
+          ],
+        },
+        "redirectAction": { # Redirects a shopper to a specific page. * Rule Condition: - Must specify Condition.query_terms. * Action Input: Request Query * Action Result: Redirects shopper to provided uri. # Redirects a shopper to a specific page.
+          "redirectUri": "A String", # URL must have length equal or less than 2000 characters.
+        },
+        "replacementAction": { # Replaces a term in the query. Multiple replacement candidates can be specified. All `query_terms` will be replaced with the replacement term. Example: Replace "gShoe" with "google shoe". # Replaces specific terms in the query.
+          "queryTerms": [ # Terms from the search query. Will be replaced by replacement term. Can specify up to 100 terms.
+            "A String",
+          ],
+          "replacementTerm": "A String", # Term that will be used for replacement.
+          "term": "A String", # Will be [deprecated = true] post migration;
+        },
+        "twowaySynonymsAction": { # Creates a set of terms that will be treated as synonyms of each other. Example: synonyms of "sneakers" and "shoes". * "sneakers" will use a synonym of "shoes". * "shoes" will use a synonym of "sneakers". # Treats a set of terms as synonyms of one another.
+          "synonyms": [ # Defines a set of synonyms. Can specify up to 100 synonyms. Must specify at least 2 synonyms.
+            "A String",
+          ],
+        },
+      },
+      "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+        "A String",
+      ],
+      "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+    },
+  ],
+  "nextPageToken": "A String", # Pagination token, if not returned indicates the last page.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.
+
+Args:
+  name: string, Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+    "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
+      "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
+      "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "condition": { # Metadata that is used to define a condition that triggers an action. A valid condition must specify at least one of 'query_terms' or 'products_filter'. If multiple fields are specified, the condition is met if all the fields are satisfied e.g. if a set of query terms and product_filter are set, then only items matching the product_filter for requests with a query matching the query terms wil get boosted. # Required. The condition that triggers the rule. If the condition is empty, the rule will always apply.
+      "activeTimeRange": [ # Range of time(s) specifying when Condition is active. Condition true if any time range matches.
+        { # Used for time-dependent conditions. Example: Want to have rule applied for week long sale.
+          "endTime": "A String", # End of time range. Range is inclusive.
+          "startTime": "A String", # Start of time range. Range is inclusive.
+        },
+      ],
+      "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
+        { # Query terms that we want to match on.
+          "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
+        },
+      ],
+    },
+    "doNotAssociateAction": { # Prevents `query_term` from being associated with specified terms during search. Example: Don't associate "gShoe" and "cheap". # Prevents term from being associated with other terms.
+      "doNotAssociateTerms": [ # Cannot contain duplicates or the query term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will not consider do_not_associate_terms for search if in search query. Can specify up to 100 terms.
+        "A String",
+      ],
+      "terms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+    },
+    "filterAction": { # * Rule Condition: - No Condition.query_terms provided is a global match. - 1 or more Condition.query_terms provided are combined with OR operator. * Action Input: The request query and filter that are applied to the retrieved products, in addition to any filters already provided with the SearchRequest. The AND operator is used to combine the query's existing filters with the filter rule(s). NOTE: May result in 0 results when filters conflict. * Action Result: Filters the returned objects to be ONLY those that passed the filter. # Filters results.
+      "filter": "A String", # A filter to apply on the matching condition results. Supported features: * filter must be set. * Filter syntax is identical to SearchRequest.filter. See more details at the Retail Search [user guide](/retail/search/docs/filter-and-order#filter). * To filter products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "ignoreAction": { # Prevents a term in the query from being used in search. Example: Don't search for "shoddy". # Ignores specific terms from query during search.
+      "ignoreTerms": [ # Terms to ignore in the search query.
+        "A String",
+      ],
+    },
+    "onewaySynonymsAction": { # Maps a set of terms to a set of synonyms. Set of synonyms will be treated as synonyms of each query term only. `query_terms` will not be treated as synonyms of each other. Example: "sneakers" will use a synonym of "shoes". "shoes" will not use a synonym of "sneakers". # Treats specific term as a synonym with a group of terms. Group of terms will not be treated as synonyms with the specific term.
+      "onewayTerms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will treat synonyms as their synonyms. Not themselves synonyms of the synonyms. Can specify up to 100 terms.
+        "A String",
+      ],
+      "synonyms": [ # Defines a set of synonyms. Cannot contain duplicates. Can specify up to 100 synonyms.
+        "A String",
+      ],
+    },
+    "redirectAction": { # Redirects a shopper to a specific page. * Rule Condition: - Must specify Condition.query_terms. * Action Input: Request Query * Action Result: Redirects shopper to provided uri. # Redirects a shopper to a specific page.
+      "redirectUri": "A String", # URL must have length equal or less than 2000 characters.
+    },
+    "replacementAction": { # Replaces a term in the query. Multiple replacement candidates can be specified. All `query_terms` will be replaced with the replacement term. Example: Replace "gShoe" with "google shoe". # Replaces specific terms in the query.
+      "queryTerms": [ # Terms from the search query. Will be replaced by replacement term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "replacementTerm": "A String", # Term that will be used for replacement.
+      "term": "A String", # Will be [deprecated = true] post migration;
+    },
+    "twowaySynonymsAction": { # Creates a set of terms that will be treated as synonyms of each other. Example: synonyms of "sneakers" and "shoes". * "sneakers" will use a synonym of "shoes". * "shoes" will use a synonym of "sneakers". # Treats a set of terms as synonyms of one another.
+      "synonyms": [ # Defines a set of synonyms. Can specify up to 100 synonyms. Must specify at least 2 synonyms.
+        "A String",
+      ],
+    },
+  },
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}
+
+  updateMask: string, Indicates which fields in the provided Control to update. The following are NOT supported: * Control.name If not set or empty, all supported fields are updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+    "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
+      "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
+      "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "condition": { # Metadata that is used to define a condition that triggers an action. A valid condition must specify at least one of 'query_terms' or 'products_filter'. If multiple fields are specified, the condition is met if all the fields are satisfied e.g. if a set of query terms and product_filter are set, then only items matching the product_filter for requests with a query matching the query terms wil get boosted. # Required. The condition that triggers the rule. If the condition is empty, the rule will always apply.
+      "activeTimeRange": [ # Range of time(s) specifying when Condition is active. Condition true if any time range matches.
+        { # Used for time-dependent conditions. Example: Want to have rule applied for week long sale.
+          "endTime": "A String", # End of time range. Range is inclusive.
+          "startTime": "A String", # Start of time range. Range is inclusive.
+        },
+      ],
+      "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
+        { # Query terms that we want to match on.
+          "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
+        },
+      ],
+    },
+    "doNotAssociateAction": { # Prevents `query_term` from being associated with specified terms during search. Example: Don't associate "gShoe" and "cheap". # Prevents term from being associated with other terms.
+      "doNotAssociateTerms": [ # Cannot contain duplicates or the query term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will not consider do_not_associate_terms for search if in search query. Can specify up to 100 terms.
+        "A String",
+      ],
+      "terms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+    },
+    "filterAction": { # * Rule Condition: - No Condition.query_terms provided is a global match. - 1 or more Condition.query_terms provided are combined with OR operator. * Action Input: The request query and filter that are applied to the retrieved products, in addition to any filters already provided with the SearchRequest. The AND operator is used to combine the query's existing filters with the filter rule(s). NOTE: May result in 0 results when filters conflict. * Action Result: Filters the returned objects to be ONLY those that passed the filter. # Filters results.
+      "filter": "A String", # A filter to apply on the matching condition results. Supported features: * filter must be set. * Filter syntax is identical to SearchRequest.filter. See more details at the Retail Search [user guide](/retail/search/docs/filter-and-order#filter). * To filter products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
+    },
+    "ignoreAction": { # Prevents a term in the query from being used in search. Example: Don't search for "shoddy". # Ignores specific terms from query during search.
+      "ignoreTerms": [ # Terms to ignore in the search query.
+        "A String",
+      ],
+    },
+    "onewaySynonymsAction": { # Maps a set of terms to a set of synonyms. Set of synonyms will be treated as synonyms of each query term only. `query_terms` will not be treated as synonyms of each other. Example: "sneakers" will use a synonym of "shoes". "shoes" will not use a synonym of "sneakers". # Treats specific term as a synonym with a group of terms. Group of terms will not be treated as synonyms with the specific term.
+      "onewayTerms": [ # Will be [deprecated = true] post migration;
+        "A String",
+      ],
+      "queryTerms": [ # Terms from the search query. Will treat synonyms as their synonyms. Not themselves synonyms of the synonyms. Can specify up to 100 terms.
+        "A String",
+      ],
+      "synonyms": [ # Defines a set of synonyms. Cannot contain duplicates. Can specify up to 100 synonyms.
+        "A String",
+      ],
+    },
+    "redirectAction": { # Redirects a shopper to a specific page. * Rule Condition: - Must specify Condition.query_terms. * Action Input: Request Query * Action Result: Redirects shopper to provided uri. # Redirects a shopper to a specific page.
+      "redirectUri": "A String", # URL must have length equal or less than 2000 characters.
+    },
+    "replacementAction": { # Replaces a term in the query. Multiple replacement candidates can be specified. All `query_terms` will be replaced with the replacement term. Example: Replace "gShoe" with "google shoe". # Replaces specific terms in the query.
+      "queryTerms": [ # Terms from the search query. Will be replaced by replacement term. Can specify up to 100 terms.
+        "A String",
+      ],
+      "replacementTerm": "A String", # Term that will be used for replacement.
+      "term": "A String", # Will be [deprecated = true] post migration;
+    },
+    "twowaySynonymsAction": { # Creates a set of terms that will be treated as synonyms of each other. Example: synonyms of "sneakers" and "shoes". * "sneakers" will use a synonym of "shoes". * "shoes" will use a synonym of "sneakers". # Treats a set of terms as synonyms of one another.
+      "synonyms": [ # Defines a set of synonyms. Can specify up to 100 synonyms. Must specify at least 2 synonyms.
+        "A String",
+      ],
+    },
+  },
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.html b/docs/dyn/retail_v2.projects.locations.catalogs.html
index 244bdd47238..199c28b35b6 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.html
@@ -89,6 +89,11 @@ 
Instance Methods

 

 
Returns the completionData Resource.

 
+

+  controls()
+

+
Returns the controls Resource.

+
 

   operations()
 

@@ -114,7 +119,7 @@ 
Instance Methods

 
Close httplib2 connections.

 

   completeQuery(catalog, dataset=None, deviceType=None, languageCodes=None, maxSuggestions=None, query=None, visitorId=None, x__xgafv=None)

-
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   getAttributesConfig(name, x__xgafv=None)

 
Gets an AttributesConfig.

@@ -150,7 +155,7 @@ 
Method Details

 
 

     completeQuery(catalog, dataset=None, deviceType=None, languageCodes=None, maxSuggestions=None, query=None, visitorId=None, x__xgafv=None)
-  
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   catalog: string, Required. Catalog for which the completion is performed. Full resource name of catalog, such as `projects/*/locations/global/catalogs/default_catalog`. (required)
@@ -230,7 +235,7 @@ 
Method Details

   
Gets a CompletionConfig.
 
 Args:
-  name: string, Required. Full CompletionConfig resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig (required)
+  name: string, Required. Full CompletionConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.placements.html b/docs/dyn/retail_v2.projects.locations.catalogs.placements.html
index c559bc8cdc2..b4e217f530b 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.placements.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.placements.html
@@ -82,7 +82,7 @@ 
Instance Methods

 
Makes a recommendation prediction.

 

   search(placement, body=None, x__xgafv=None)

-
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   search_next()

 
Retrieves the next page of results.

@@ -139,7 +139,7 @@ 
Method Details

     "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
     "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
     ],
     "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -172,7 +172,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -209,6 +209,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -319,7 +361,7 @@ 
Method Details

 
 

     search(placement, body=None, x__xgafv=None)
-  
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   placement: string, Required. The resource name of the Retail Search serving config, such as `projects/*/locations/global/catalogs/default_catalog/servingConfigs/default_serving_config` or the name of the legacy placement resource, such as `projects/*/locations/global/catalogs/default_catalog/placements/default_search`. This field is used to identify the serving configuration name and the set of models that will be used to make the search. (required)
@@ -380,12 +422,12 @@ 
Method Details

   },
   "offset": 42, # A 0-indexed integer that specifies the current offset (that is, starting result location, amongst the Products deemed by the API as relevant) in search results. This field is only considered if page_token is unset. If this field is negative, an INVALID_ARGUMENT is returned.
   "orderBy": "A String", # The order in which products are returned. Products can be ordered by a field in an Product object. Leave it unset if ordered by relevance. OrderBy expression is case-sensitive. See more details at this [user guide](https://cloud.google.com/retail/docs/filter-and-order#order). If this field is unrecognizable, an INVALID_ARGUMENT is returned.
-  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
+  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
     "A String",
   ],
   "pageSize": 42, # Maximum number of Products to return. If unspecified, defaults to a reasonable value. The maximum allowed value is 120. Values above 120 will be coerced to 120. If this field is negative, an INVALID_ARGUMENT is returned.
   "pageToken": "A String", # A page token SearchResponse.next_page_token, received from a previous SearchService.Search call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to SearchService.Search must match the call that provided the page token. Otherwise, an INVALID_ARGUMENT error is returned.
-  "personalizationSpec": { # The specification for personalization. # The specification for personalization.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
     "mode": "A String", # Defaults to Mode.AUTO.
   },
   "query": "A String", # Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.
@@ -492,7 +534,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -529,6 +571,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.servingConfigs.html b/docs/dyn/retail_v2.projects.locations.catalogs.servingConfigs.html
index 35fe50c2d78..80d3585e637 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.servingConfigs.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.servingConfigs.html
@@ -74,24 +74,499 @@
 
 
Retail API . projects . locations . catalogs . servingConfigs

 
Instance Methods

+

+  addControl(servingConfig, body=None, x__xgafv=None)

+
Enables a Control on the specified ServingConfig. The control is added in the last position of the list of controls it belongs to (e.g. if it's a facet spec control it will be applied in the last position of servingConfig.facetSpecIds) Returns a ALREADY_EXISTS error if the control has already been applied. Returns a FAILED_PRECONDITION error if the addition could exceed maximum number of control allowed for that type of control.

 

   close()

 
Close httplib2 connections.

+

+  create(parent, body=None, servingConfigId=None, x__xgafv=None)

+
Creates a ServingConfig. A maximum of 100 ServingConfigs are allowed in a Catalog, otherwise a FAILED_PRECONDITION error is returned.

+

+  delete(name, x__xgafv=None)

+
Deletes a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.

+

+  get(name, x__xgafv=None)

+
Gets a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
Lists all ServingConfigs linked to this catalog.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Updates a ServingConfig.

 

   predict(placement, body=None, x__xgafv=None)

 
Makes a recommendation prediction.

+

+  removeControl(servingConfig, body=None, x__xgafv=None)

+
Disables a Control on the specified ServingConfig. The control is removed from the ServingConfig. Returns a NOT_FOUND error if the Control is not enabled for the ServingConfig.

 

   search(placement, body=None, x__xgafv=None)

-
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   search_next()

 
Retrieves the next page of results.

 
Method Details

+

+    addControl(servingConfig, body=None, x__xgafv=None)
+  
Enables a Control on the specified ServingConfig. The control is added in the last position of the list of controls it belongs to (e.g. if it's a facet spec control it will be applied in the last position of servingConfig.facetSpecIds) Returns a ALREADY_EXISTS error if the control has already been applied. Returns a FAILED_PRECONDITION error if the addition could exceed maximum number of control allowed for that type of control.
+
+Args:
+  servingConfig: string, Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request for AddControl method.
+  "controlId": "A String", # Required. The id of the control to apply. Assumed to be in the same catalog as the serving config - if id is not found a NOT_FOUND error is returned.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+  "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+  "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+  },
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+  "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+    "A String",
+  ],
+  "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
 

     close()
   
Close httplib2 connections.

 

 
+

+    create(parent, body=None, servingConfigId=None, x__xgafv=None)
+  
Creates a ServingConfig. A maximum of 100 ServingConfigs are allowed in a Catalog, otherwise a FAILED_PRECONDITION error is returned.
+
+Args:
+  parent: string, Required. Full resource name of parent. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+  "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+  "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+  },
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+  "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+    "A String",
+  ],
+  "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}
+
+  servingConfigId: string, Required. The ID to use for the ServingConfig, which will become the final component of the ServingConfig's resource name. This value should be 4-63 characters, and valid characters are /a-z-_/.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+  "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+  "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+  },
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+  "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+    "A String",
+  ],
+  "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Deletes a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.
+
+Args:
+  name: string, Required. The resource name of the ServingConfig to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    get(name, x__xgafv=None)
+  
Gets a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.
+
+Args:
+  name: string, Required. The resource name of the ServingConfig to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+  "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+  "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+  },
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+  "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+    "A String",
+  ],
+  "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
Lists all ServingConfigs linked to this catalog.
+
+Args:
+  parent: string, Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
+  pageSize: integer, Optional. Maximum number of results to return. If unspecified, defaults to 100. If a value greater than 100 is provided, at most 100 results are returned.
+  pageToken: string, Optional. A page token, received from a previous `ListServingConfigs` call. Provide this to retrieve the subsequent page.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response for ListServingConfigs method.
+  "nextPageToken": "A String", # Pagination token, if not returned indicates the last page.
+  "servingConfigs": [ # All the ServingConfigs for a given catalog.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+      "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+      "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+      "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+      },
+      "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+      "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+        "mode": "A String", # Defaults to Mode.AUTO.
+      },
+      "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+      "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+        "A String",
+      ],
+      "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+        "A String",
+      ],
+    },
+  ],
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Updates a ServingConfig.
+
+Args:
+  name: string, Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+  "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+  "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+  },
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+  "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+    "A String",
+  ],
+  "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}
+
+  updateMask: string, Indicates which fields in the provided ServingConfig to update. The following are NOT supported: * ServingConfig.name If not set, all supported fields are updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+  "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+  "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+  },
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+  "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+    "A String",
+  ],
+  "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
 

     predict(placement, body=None, x__xgafv=None)
   
Makes a recommendation prediction.
@@ -139,7 +614,7 @@ 
Method Details

     "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
     "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
     ],
     "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -172,7 +647,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -209,6 +684,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -317,9 +834,77 @@ 
Method Details

 }

 

 
+

+    removeControl(servingConfig, body=None, x__xgafv=None)
+  
Disables a Control on the specified ServingConfig. The control is removed from the ServingConfig. Returns a NOT_FOUND error if the Control is not enabled for the ServingConfig.
+
+Args:
+  servingConfig: string, Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request for RemoveControl method.
+  "controlId": "A String", # Required. The id of the control to apply. Assumed to be in the same catalog as the serving config.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
+  "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
+  "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
+  },
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "filterControlIds": [ # Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
+  "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "replacementControlIds": [ # Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.
+    "A String",
+  ],
+  "twowaySynonymsControlIds": [ # Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
+    "A String",
+  ],
+}

+

+
 

     search(placement, body=None, x__xgafv=None)
-  
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   placement: string, Required. The resource name of the Retail Search serving config, such as `projects/*/locations/global/catalogs/default_catalog/servingConfigs/default_serving_config` or the name of the legacy placement resource, such as `projects/*/locations/global/catalogs/default_catalog/placements/default_search`. This field is used to identify the serving configuration name and the set of models that will be used to make the search. (required)
@@ -380,12 +965,12 @@ 
Method Details

   },
   "offset": 42, # A 0-indexed integer that specifies the current offset (that is, starting result location, amongst the Products deemed by the API as relevant) in search results. This field is only considered if page_token is unset. If this field is negative, an INVALID_ARGUMENT is returned.
   "orderBy": "A String", # The order in which products are returned. Products can be ordered by a field in an Product object. Leave it unset if ordered by relevance. OrderBy expression is case-sensitive. See more details at this [user guide](https://cloud.google.com/retail/docs/filter-and-order#order). If this field is unrecognizable, an INVALID_ARGUMENT is returned.
-  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
+  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
     "A String",
   ],
   "pageSize": 42, # Maximum number of Products to return. If unspecified, defaults to a reasonable value. The maximum allowed value is 120. Values above 120 will be coerced to 120. If this field is negative, an INVALID_ARGUMENT is returned.
   "pageToken": "A String", # A page token SearchResponse.next_page_token, received from a previous SearchService.Search call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to SearchService.Search must match the call that provided the page token. Otherwise, an INVALID_ARGUMENT error is returned.
-  "personalizationSpec": { # The specification for personalization. # The specification for personalization.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
     "mode": "A String", # Defaults to Mode.AUTO.
   },
   "query": "A String", # Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.
@@ -492,7 +1077,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -529,6 +1114,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html b/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html
index f823eb5e7b1..ff7c907c431 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html
@@ -82,13 +82,13 @@ 
Instance Methods

 
Writes a single user event from the browser. This uses a GET request to due to browser restriction of POST-ing to a 3rd party domain. This method is used only by the Retail API JavaScript pixel and Google Tag Manager. Users should not call this method directly.

 

   import_(parent, body=None, x__xgafv=None)

-
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.

+
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.

 

   purge(parent, body=None, x__xgafv=None)

 
Deletes permanently all user events specified by the filter provided. Depending on the number of events specified by the filter, this operation could take hours or days to complete. To test a filter, use the list command first.

 

   rejoin(parent, body=None, x__xgafv=None)

-
Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.

+
Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.

 

   write(parent, body=None, x__xgafv=None)

 
Writes a single user event.

@@ -128,7 +128,7 @@ 
Method Details

 
 

     import_(parent, body=None, x__xgafv=None)
-  
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.
+  
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.
 
 Args:
   parent: string, Required. `projects/1234/locations/global/catalogs/default_catalog` (required)
@@ -137,7 +137,7 @@ 
Method Details

 
 { # Request message for the ImportUserEvents request.
   "errorsConfig": { # Configuration of destination for Import related errors. # The desired location of errors incurred during the Import. Cannot be set for inline user event imports.
-    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
+    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
   },
   "inputConfig": { # The input config source for user events. # Required. The desired input location of the data.
     "bigQuerySource": { # BigQuery source import data from. # Required. BigQuery input source.
@@ -152,8 +152,8 @@ 
Method Details

       "projectId": "A String", # The project ID (can be project # or ID) that the BigQuery source is in with a length limit of 128 characters. If not specified, inherits the project ID from the parent request.
       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
-    "gcsSource": { # Google Cloud Storage location for input content. format. # Required. Google Cloud Storage location for the input content.
-      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.
+    "gcsSource": { # Google Cloud Storage location for input content. # Required. Google Cloud Storage location for the input content.
+      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.
       "inputUris": [ # Required. Google Cloud Storage URIs to input files. URI can be up to 2000 characters long. URIs can match the full object path (for example, `gs://bucket/directory/object.json`) or a pattern matching one or more files, such as `gs://bucket/directory/*.json`. A request can contain at most 100 files, and each file can be up to 2 GB. See [Importing product information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) for the expected file format and setup instructions.
         "A String",
       ],
@@ -188,7 +188,7 @@ 
Method Details

           "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
           "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
           "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-          "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+          "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
             "A String",
           ],
           "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -221,7 +221,7 @@ 
Method Details

                 "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
                   "A String",
                 ],
-                "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+                "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
                   "A String",
                 ],
                 "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -258,6 +258,48 @@ 
Method Details

                   },
                 ],
                 "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+                "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+                  { # The inventory information at a place (e.g. a store) identified by a place ID.
+                    "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                      "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                        "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                        "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                          3.14,
+                        ],
+                        "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                        "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                          "A String",
+                        ],
+                      },
+                    },
+                    "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                      "A String",
+                    ],
+                    "placeId": "A String", # The place ID for the current set of inventory information.
+                    "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                      "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                      "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                      "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                      "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                      "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                      "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                      "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                        "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                          "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                          "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                          "maximum": 3.14, # Inclusive upper bound.
+                          "minimum": 3.14, # Inclusive lower bound.
+                        },
+                        "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                          "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                          "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                          "maximum": 3.14, # Inclusive upper bound.
+                          "minimum": 3.14, # Inclusive lower bound.
+                        },
+                      },
+                    },
+                  },
+                ],
                 "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
                   "A String",
                 ],
@@ -417,7 +459,7 @@ 
Method Details

 
 

     rejoin(parent, body=None, x__xgafv=None)
-  
Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.
+  
Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.
 
 Args:
   parent: string, Required. The parent catalog resource name, such as `projects/1234/locations/global/catalogs/default_catalog`. (required)
@@ -425,7 +467,7 @@ 
Method Details

     The object takes the form of:
 
 { # Request message for RejoinUserEvents method.
-  "userEventRejoinScope": "A String", # The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to USER_EVENT_REJOIN_SCOPE_UNSPECIFIED if this field is not set, or set to an invalid integer value.
+  "userEventRejoinScope": "A String", # The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is not set, or set to an invalid integer value.
 }
 
   x__xgafv: string, V1 error format.
@@ -494,7 +536,7 @@ 
Method Details

   "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
   "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "A String",
   ],
   "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -527,7 +569,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -564,6 +606,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
@@ -681,7 +765,7 @@ 
Method Details

   "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
   "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "A String",
   ],
   "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -714,7 +798,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -751,6 +835,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.html
index 87d6642b5f1..22759934b45 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.html
@@ -79,6 +79,11 @@ 
Instance Methods

 

 
Returns the operations Resource.

 
+

+  places()
+

+
Returns the places Resource.

+
 

   products()
 

diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.html
new file mode 100644
index 00000000000..4e8856eecf6
--- /dev/null
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.html
@@ -0,0 +1,91 @@
+
+
+
+
Retail API . projects . locations . catalogs . branches . places

+
Instance Methods

+

+  operations()
+

+
Returns the operations Resource.

+
+

+  close()

+
Close httplib2 connections.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.operations.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.operations.html
new file mode 100644
index 00000000000..e3d99cbb136
--- /dev/null
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.places.operations.html
@@ -0,0 +1,124 @@
+
+
+
+
Retail API . projects . locations . catalogs . branches . places . operations

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  get(name, x__xgafv=None)

+
Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    get(name, x__xgafv=None)
+  
Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.
+
+Args:
+  name: string, The name of the operation resource. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html
index 11159f1ccb3..ec081e6b8c0 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html
@@ -76,10 +76,10 @@ 
Retail API . 
   addFulfillmentPlaces(product, body=None, x__xgafv=None)

-
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   addLocalInventories(product, body=None, x__xgafv=None)

-
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   close()

 
Close httplib2 connections.

@@ -109,17 +109,17 @@ 
Instance Methods

 
Permanently deletes all selected Products under a branch. This process is asynchronous. If the request is valid, the removal will be enqueued and processed offline. Depending on the number of Products, this operation could take hours to complete. Before the operation completes, some Products may still be returned by ProductService.GetProduct or ProductService.ListProducts. Depending on the number of Products, this operation could take hours to complete. To get a sample of Products that would be deleted, set PurgeProductsRequest.force to false.

 

   removeFulfillmentPlaces(product, body=None, x__xgafv=None)

-
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   removeLocalInventories(product, body=None, x__xgafv=None)

-
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   setInventory(name, body=None, x__xgafv=None)

-
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 
Method Details

 

     addFulfillmentPlaces(product, body=None, x__xgafv=None)
-  
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -166,7 +166,7 @@ 
Method Details

 
 

     addLocalInventories(product, body=None, x__xgafv=None)
-  
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -291,7 +291,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -328,6 +328,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -423,7 +465,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -460,6 +502,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -579,7 +663,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -616,6 +700,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -687,7 +813,7 @@ 
Method Details

 
 { # Request message for Import methods.
   "errorsConfig": { # Configuration of destination for Import related errors. # The desired location of errors incurred during the Import.
-    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
+    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
   },
   "inputConfig": { # The input config source for products. # Required. The desired input location of the data.
     "bigQuerySource": { # BigQuery source import data from. # BigQuery input source.
@@ -702,8 +828,8 @@ 
Method Details

       "projectId": "A String", # The project ID (can be project # or ID) that the BigQuery source is in with a length limit of 128 characters. If not specified, inherits the project ID from the parent request.
       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
-    "gcsSource": { # Google Cloud Storage location for input content. format. # Google Cloud Storage location for the input content.
-      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.
+    "gcsSource": { # Google Cloud Storage location for input content. # Google Cloud Storage location for the input content.
+      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.
       "inputUris": [ # Required. Google Cloud Storage URIs to input files. URI can be up to 2000 characters long. URIs can match the full object path (for example, `gs://bucket/directory/object.json`) or a pattern matching one or more files, such as `gs://bucket/directory/*.json`. A request can contain at most 100 files, and each file can be up to 2 GB. See [Importing product information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) for the expected file format and setup instructions.
         "A String",
       ],
@@ -737,7 +863,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -774,6 +900,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -835,11 +1003,11 @@ 
Method Details

       ],
     },
   },
-  "notificationPubsubTopic": "A String", # Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.
+  "notificationPubsubTopic": "A String", # Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.
   "reconciliationMode": "A String", # The mode of reconciliation between existing products and the products to be imported. Defaults to ReconciliationMode.INCREMENTAL.
   "requestId": "A String", # Deprecated. This field has no effect.
-  "skipDefaultBranchProtection": True or False, # If true, will perform the FULL import even if it would delete a large proportion of the products in the default branch, which could potentially cause outages if you have live predict/search traffic. Only supported when ImportProductsRequest.reconciliation_mode is set to `FULL`.
-  "updateMask": "A String", # Indicates which fields in the provided imported 'products' to update. If not set, will by default update all fields.
+  "skipDefaultBranchProtection": True or False, # If true, this performs the FULL import even if it would delete a large proportion of the products in the default branch, which could potentially cause outages if you have live predict/search traffic. Only supported when ImportProductsRequest.reconciliation_mode is set to `FULL`.
+  "updateMask": "A String", # Indicates which fields in the provided imported `products` to update. If not set, all fields are updated.
 }
 
   x__xgafv: string, V1 error format.
@@ -920,7 +1088,7 @@ 
Method Details

       "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
         "A String",
       ],
-      "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+      "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
         "A String",
       ],
       "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -957,6 +1125,48 @@ 
Method Details

         },
       ],
       "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+      "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+        { # The inventory information at a place (e.g. a store) identified by a place ID.
+          "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+            "a_key": { # A custom attribute that is not explicitly modeled in Product.
+              "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+              "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                3.14,
+              ],
+              "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+              "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+            },
+          },
+          "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+          "placeId": "A String", # The place ID for the current set of inventory information.
+          "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+            "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+            "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+            "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+            "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+            "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+            "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+            "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+              "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                "maximum": 3.14, # Inclusive upper bound.
+                "minimum": 3.14, # Inclusive lower bound.
+              },
+              "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                "maximum": 3.14, # Inclusive upper bound.
+                "minimum": 3.14, # Inclusive lower bound.
+              },
+            },
+          },
+        },
+      ],
       "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
         "A String",
       ],
@@ -1070,7 +1280,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1107,6 +1317,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -1203,7 +1455,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1240,6 +1492,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -1345,7 +1639,7 @@ 
Method Details

 
 

     removeFulfillmentPlaces(product, body=None, x__xgafv=None)
-  
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -1392,7 +1686,7 @@ 
Method Details

 
 

     removeLocalInventories(product, body=None, x__xgafv=None)
-  
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -1438,7 +1732,7 @@ 
Method Details

 
 

     setInventory(name, body=None, x__xgafv=None)
-  
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   name: string, Immutable. Full resource name of the product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/product_id`. (required)
@@ -1474,7 +1768,7 @@ 
Method Details

     "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
       "A String",
     ],
-    "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+    "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
       "A String",
     ],
     "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1511,6 +1805,48 @@ 
Method Details

       },
     ],
     "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+    "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+      { # The inventory information at a place (e.g. a store) identified by a place ID.
+        "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+          "a_key": { # A custom attribute that is not explicitly modeled in Product.
+            "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+            "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+              3.14,
+            ],
+            "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+            "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+          },
+        },
+        "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+          "A String",
+        ],
+        "placeId": "A String", # The place ID for the current set of inventory information.
+        "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+          "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+          "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+          "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+          "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+          "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+          "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+          "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+            "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+              "exclusiveMaximum": 3.14, # Exclusive upper bound.
+              "exclusiveMinimum": 3.14, # Exclusive lower bound.
+              "maximum": 3.14, # Inclusive upper bound.
+              "minimum": 3.14, # Inclusive lower bound.
+            },
+            "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+              "exclusiveMaximum": 3.14, # Exclusive upper bound.
+              "exclusiveMinimum": 3.14, # Exclusive lower bound.
+              "maximum": 3.14, # Inclusive upper bound.
+              "minimum": 3.14, # Inclusive lower bound.
+            },
+          },
+        },
+      },
+    ],
     "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
       "A String",
     ],
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.completionData.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.completionData.html
index f1f77c7779a..67dee53ba52 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.completionData.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.completionData.html
@@ -79,7 +79,7 @@ 
Instance Methods

 
Close httplib2 connections.

 

   import_(parent, body=None, x__xgafv=None)

-
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 
Method Details

 

     close()
@@ -88,7 +88,7 @@ 
Method Details

 
 

     import_(parent, body=None, x__xgafv=None)
-  
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   parent: string, Required. The catalog which the suggestions dataset belongs to. Format: `projects/1234/locations/global/catalogs/default_catalog`. (required)
@@ -110,7 +110,7 @@ 
Method Details

       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
   },
-  "notificationPubsubTopic": "A String", # Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.
+  "notificationPubsubTopic": "A String", # Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.
 }
 
   x__xgafv: string, V1 error format.
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.controls.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.controls.html
index a0996ab3927..165f9f8ad5f 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.controls.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.controls.html
@@ -88,13 +88,13 @@ 
Instance Methods

 
Gets a Control.

 

   list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)

-
Lists all Controls linked to this catalog.

+
Lists all Controls by their parent Catalog.

 

   list_next()

 
Retrieves the next page of results.

 

   patch(name, body=None, updateMask=None, x__xgafv=None)

-
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to delete does not exist, a NOT_FOUND error is returned.

+
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.

 
Method Details

 

     close()
@@ -110,12 +110,12 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+{ # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -147,7 +147,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -162,7 +162,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -212,7 +212,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }
@@ -226,12 +229,12 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -263,7 +266,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -278,7 +281,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -328,7 +331,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }

@@ -357,7 +363,7 @@ 
Method Details

   
Gets a Control.
 
 Args:
-  name: string, Required. The resource name of the Control to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}` (required)
+  name: string, Required. The resource name of the Control to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -366,12 +372,12 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -403,7 +409,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -418,7 +424,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -468,7 +474,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }

@@ -476,7 +485,7 @@ 
Method Details

 
 

     list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)
-  
Lists all Controls linked to this catalog.
+  
Lists all Controls by their parent Catalog.
 
 Args:
   parent: string, Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
@@ -493,12 +502,12 @@ 
Method Details

 
     { # Response for ListControls method.
   "controls": [ # All the Controls for a given catalog.
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-      "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+      "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
         "A String",
       ],
       "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-      "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+      "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
         "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
         "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
           "A String",
@@ -530,7 +539,7 @@ 
Method Details

         "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
       },
       "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-      "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+      "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
         "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
           "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
           "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -545,7 +554,7 @@ 
Method Details

           "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
             { # Query terms that we want to match on.
               "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-              "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+              "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
             },
           ],
         },
@@ -595,7 +604,10 @@ 
Method Details

           ],
         },
       },
-      "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+      "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+        "A String",
+      ],
+      "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
         "A String",
       ],
     },
@@ -620,19 +632,19 @@ 
Method Details

 
 

     patch(name, body=None, updateMask=None, x__xgafv=None)
-  
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to delete does not exist, a NOT_FOUND error is returned.
+  
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.
 
 Args:
   name: string, Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*` (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+{ # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -664,7 +676,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -679,7 +691,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -729,7 +741,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }
@@ -743,12 +758,12 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -780,7 +795,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -795,7 +810,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -845,7 +860,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }

diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.html
index 5768b73d56f..614fbd976e3 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.html
@@ -124,7 +124,7 @@ 
Instance Methods

 
Close httplib2 connections.

 

   completeQuery(catalog, dataset=None, deviceType=None, languageCodes=None, maxSuggestions=None, query=None, visitorId=None, x__xgafv=None)

-
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   getAttributesConfig(name, x__xgafv=None)

 
Gets an AttributesConfig.

@@ -160,7 +160,7 @@ 
Method Details

 
 

     completeQuery(catalog, dataset=None, deviceType=None, languageCodes=None, maxSuggestions=None, query=None, visitorId=None, x__xgafv=None)
-  
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   catalog: string, Required. Catalog for which the completion is performed. Full resource name of catalog, such as `projects/*/locations/global/catalogs/default_catalog`. (required)
@@ -242,7 +242,7 @@ 
Method Details

   
Gets a CompletionConfig.
 
 Args:
-  name: string, Required. Full CompletionConfig resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig (required)
+  name: string, Required. Full CompletionConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.models.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.models.html
index 996bed9629e..45edc1f8c01 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.models.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.models.html
@@ -91,7 +91,7 @@ 
Instance Methods

 
Retrieves the next page of results.

 

   patch(name, body=None, updateMask=None, x__xgafv=None)

-
Update of model metadata. Only fields that currently can be updated are: filtering_option, periodic_tuning_state. If other values are provided, this API method will ignore them.

+
Update of model metadata. Only fields that currently can be updated are: `filtering_option` and `periodic_tuning_state`. If other values are provided, this API method ignores them.

 

   pause(name, body=None, x__xgafv=None)

 
Pauses the training of an existing model.

@@ -112,17 +112,17 @@ 
Method Details

   
Creates a new model.
 
 Args:
-  parent: string, Required. The parent resource under which to create the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id} (required)
+  parent: string, Required. The parent resource under which to create the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.
+{ # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
   "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
-  "dataState": "A String", # Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
-  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.
-  "filteringOption": "A String", # Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
   "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
-  "name": "A String", # Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
   "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
   "pageOptimizationConfig": { # The PageOptimizationConfig for model training. This determines how many panels to optimize for, and which serving configurations to consider for each panel. The purpose of this model is to optimize which ServingConfig to show on which panels in way that optimizes the visitors shopping journey. # Optional. The page optimization config.
     "pageOptimizationEventType": "A String", # Required. The type of UserEvent this page optimization is shown for. Each page has an associated event type - this will be the corresponding event type for the page that the page optimization model is used on. Supported types: * `add-to-cart`: Products being added to cart. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed * `category-page-view`: Homepage viewed * `shopping-cart-page-view`: User viewing a shopping cart. `home-page-view` only allows models with type `recommended-for-you`. All other page_optimization_event_type allow all Model.types.
@@ -130,33 +130,33 @@ 
Method Details

       { # An individual panel with a list of ServingConfigs to consider for it.
         "candidates": [ # Required. The candidates to consider on the panel. Limit = 10.
           { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates.
-            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
           },
         ],
-        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate (in case the model fails at serving time, we can fall back to the default).
-          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate. If the model fails at serving time, we fall back to the default.
+          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
         },
         "displayName": "A String", # Optional. The name to display for the panel.
       },
     ],
     "restriction": "A String", # Optional. How to restrict results across panels e.g. can the same ServingConfig be shown on multiple panels at once. If unspecified, default to `UNIQUE_MODEL_RESTRICTION`.
   },
-  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
   "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
-    { # Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.
-      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
         "A String",
       ],
     },
   ],
-  "servingState": "A String", # Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.
-  "trainingState": "A String", # Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
   "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
-  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
   "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
 }
 
-  dryRun: boolean, Optional. Whether to run a dry_run to validate the request (without actually creating the model).
+  dryRun: boolean, Optional. Whether to run a dry run to validate the request (without actually creating the model).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -191,7 +191,7 @@ 
Method Details

   
Deletes an existing model.
 
 Args:
-  name: string, Required. The resource name of the [Model] to delete. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} (required)
+  name: string, Required. The resource name of the Model to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -209,7 +209,7 @@ 
Method Details

   
Lists all the models linked to this event store.
 
 Args:
-  parent: string, Required. The parent for which to list models. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id} (required)
+  parent: string, Required. The parent for which to list models. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
   pageSize: integer, Optional. Maximum number of results to return. If unspecified, defaults to 50. Max allowed value is 1000.
   pageToken: string, Optional. A page token, received from a previous `ListModels` call. Provide this to retrieve the subsequent page.
   x__xgafv: string, V1 error format.
@@ -222,13 +222,13 @@ 
Method Details

 
     { # Response to a ListModelRequest.
   "models": [ # List of Models.
-    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
       "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
-      "dataState": "A String", # Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
-      "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.
-      "filteringOption": "A String", # Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.
+      "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+      "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+      "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
       "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
-      "name": "A String", # Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+      "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
       "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
       "pageOptimizationConfig": { # The PageOptimizationConfig for model training. This determines how many panels to optimize for, and which serving configurations to consider for each panel. The purpose of this model is to optimize which ServingConfig to show on which panels in way that optimizes the visitors shopping journey. # Optional. The page optimization config.
         "pageOptimizationEventType": "A String", # Required. The type of UserEvent this page optimization is shown for. Each page has an associated event type - this will be the corresponding event type for the page that the page optimization model is used on. Supported types: * `add-to-cart`: Products being added to cart. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed * `category-page-view`: Homepage viewed * `shopping-cart-page-view`: User viewing a shopping cart. `home-page-view` only allows models with type `recommended-for-you`. All other page_optimization_event_type allow all Model.types.
@@ -236,29 +236,29 @@ 
Method Details

           { # An individual panel with a list of ServingConfigs to consider for it.
             "candidates": [ # Required. The candidates to consider on the panel. Limit = 10.
               { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates.
-                "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+                "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
               },
             ],
-            "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate (in case the model fails at serving time, we can fall back to the default).
-              "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+            "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate. If the model fails at serving time, we fall back to the default.
+              "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
             },
             "displayName": "A String", # Optional. The name to display for the panel.
           },
         ],
         "restriction": "A String", # Optional. How to restrict results across panels e.g. can the same ServingConfig be shown on multiple panels at once. If unspecified, default to `UNIQUE_MODEL_RESTRICTION`.
       },
-      "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.
+      "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
       "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
-        { # Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.
-          "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.
+        { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+          "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
             "A String",
           ],
         },
       ],
-      "servingState": "A String", # Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.
-      "trainingState": "A String", # Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.
+      "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+      "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
       "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
-      "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).
+      "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
       "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
     },
   ],
@@ -282,20 +282,20 @@ 
Method Details

 
 

     patch(name, body=None, updateMask=None, x__xgafv=None)
-  
Update of model metadata. Only fields that currently can be updated are: filtering_option, periodic_tuning_state. If other values are provided, this API method will ignore them.
+  
Update of model metadata. Only fields that currently can be updated are: `filtering_option` and `periodic_tuning_state`. If other values are provided, this API method ignores them.
 
 Args:
-  name: string, Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40. (required)
+  name: string, Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40. (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.
+{ # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
   "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
-  "dataState": "A String", # Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
-  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.
-  "filteringOption": "A String", # Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
   "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
-  "name": "A String", # Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
   "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
   "pageOptimizationConfig": { # The PageOptimizationConfig for model training. This determines how many panels to optimize for, and which serving configurations to consider for each panel. The purpose of this model is to optimize which ServingConfig to show on which panels in way that optimizes the visitors shopping journey. # Optional. The page optimization config.
     "pageOptimizationEventType": "A String", # Required. The type of UserEvent this page optimization is shown for. Each page has an associated event type - this will be the corresponding event type for the page that the page optimization model is used on. Supported types: * `add-to-cart`: Products being added to cart. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed * `category-page-view`: Homepage viewed * `shopping-cart-page-view`: User viewing a shopping cart. `home-page-view` only allows models with type `recommended-for-you`. All other page_optimization_event_type allow all Model.types.
@@ -303,33 +303,33 @@ 
Method Details

       { # An individual panel with a list of ServingConfigs to consider for it.
         "candidates": [ # Required. The candidates to consider on the panel. Limit = 10.
           { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates.
-            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
           },
         ],
-        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate (in case the model fails at serving time, we can fall back to the default).
-          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate. If the model fails at serving time, we fall back to the default.
+          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
         },
         "displayName": "A String", # Optional. The name to display for the panel.
       },
     ],
     "restriction": "A String", # Optional. How to restrict results across panels e.g. can the same ServingConfig be shown on multiple panels at once. If unspecified, default to `UNIQUE_MODEL_RESTRICTION`.
   },
-  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
   "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
-    { # Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.
-      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
         "A String",
       ],
     },
   ],
-  "servingState": "A String", # Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.
-  "trainingState": "A String", # Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
   "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
-  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
   "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
 }
 
-  updateMask: string, Optional. Indicates which fields in the provided 'model' to update. If not set, will by default update all fields.
+  updateMask: string, Optional. Indicates which fields in the provided 'model' to update. If not set, by default updates all fields.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -338,13 +338,13 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
   "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
-  "dataState": "A String", # Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
-  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.
-  "filteringOption": "A String", # Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
   "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
-  "name": "A String", # Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
   "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
   "pageOptimizationConfig": { # The PageOptimizationConfig for model training. This determines how many panels to optimize for, and which serving configurations to consider for each panel. The purpose of this model is to optimize which ServingConfig to show on which panels in way that optimizes the visitors shopping journey. # Optional. The page optimization config.
     "pageOptimizationEventType": "A String", # Required. The type of UserEvent this page optimization is shown for. Each page has an associated event type - this will be the corresponding event type for the page that the page optimization model is used on. Supported types: * `add-to-cart`: Products being added to cart. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed * `category-page-view`: Homepage viewed * `shopping-cart-page-view`: User viewing a shopping cart. `home-page-view` only allows models with type `recommended-for-you`. All other page_optimization_event_type allow all Model.types.
@@ -352,29 +352,29 @@ 
Method Details

       { # An individual panel with a list of ServingConfigs to consider for it.
         "candidates": [ # Required. The candidates to consider on the panel. Limit = 10.
           { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates.
-            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
           },
         ],
-        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate (in case the model fails at serving time, we can fall back to the default).
-          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate. If the model fails at serving time, we fall back to the default.
+          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
         },
         "displayName": "A String", # Optional. The name to display for the panel.
       },
     ],
     "restriction": "A String", # Optional. How to restrict results across panels e.g. can the same ServingConfig be shown on multiple panels at once. If unspecified, default to `UNIQUE_MODEL_RESTRICTION`.
   },
-  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
   "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
-    { # Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.
-      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
         "A String",
       ],
     },
   ],
-  "servingState": "A String", # Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.
-  "trainingState": "A String", # Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
   "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
-  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
   "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
 }

 

@@ -384,7 +384,7 @@ 
Method Details

   
Pauses the training of an existing model.
 
 Args:
-  name: string, Required. The name of the model to pause. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} (required)
+  name: string, Required. The name of the model to pause. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
@@ -399,13 +399,13 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
   "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
-  "dataState": "A String", # Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
-  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.
-  "filteringOption": "A String", # Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
   "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
-  "name": "A String", # Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
   "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
   "pageOptimizationConfig": { # The PageOptimizationConfig for model training. This determines how many panels to optimize for, and which serving configurations to consider for each panel. The purpose of this model is to optimize which ServingConfig to show on which panels in way that optimizes the visitors shopping journey. # Optional. The page optimization config.
     "pageOptimizationEventType": "A String", # Required. The type of UserEvent this page optimization is shown for. Each page has an associated event type - this will be the corresponding event type for the page that the page optimization model is used on. Supported types: * `add-to-cart`: Products being added to cart. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed * `category-page-view`: Homepage viewed * `shopping-cart-page-view`: User viewing a shopping cart. `home-page-view` only allows models with type `recommended-for-you`. All other page_optimization_event_type allow all Model.types.
@@ -413,29 +413,29 @@ 
Method Details

       { # An individual panel with a list of ServingConfigs to consider for it.
         "candidates": [ # Required. The candidates to consider on the panel. Limit = 10.
           { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates.
-            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
           },
         ],
-        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate (in case the model fails at serving time, we can fall back to the default).
-          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate. If the model fails at serving time, we fall back to the default.
+          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
         },
         "displayName": "A String", # Optional. The name to display for the panel.
       },
     ],
     "restriction": "A String", # Optional. How to restrict results across panels e.g. can the same ServingConfig be shown on multiple panels at once. If unspecified, default to `UNIQUE_MODEL_RESTRICTION`.
   },
-  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
   "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
-    { # Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.
-      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
         "A String",
       ],
     },
   ],
-  "servingState": "A String", # Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.
-  "trainingState": "A String", # Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
   "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
-  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
   "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
 }

 

@@ -445,7 +445,7 @@ 
Method Details

   
Resumes the training of an existing model.
 
 Args:
-  name: string, Required. The name of the model to resume. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} (required)
+  name: string, Required. The name of the model to resume. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
@@ -460,13 +460,13 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
   "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
-  "dataState": "A String", # Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
-  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.
-  "filteringOption": "A String", # Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
   "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
-  "name": "A String", # Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
   "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
   "pageOptimizationConfig": { # The PageOptimizationConfig for model training. This determines how many panels to optimize for, and which serving configurations to consider for each panel. The purpose of this model is to optimize which ServingConfig to show on which panels in way that optimizes the visitors shopping journey. # Optional. The page optimization config.
     "pageOptimizationEventType": "A String", # Required. The type of UserEvent this page optimization is shown for. Each page has an associated event type - this will be the corresponding event type for the page that the page optimization model is used on. Supported types: * `add-to-cart`: Products being added to cart. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed * `category-page-view`: Homepage viewed * `shopping-cart-page-view`: User viewing a shopping cart. `home-page-view` only allows models with type `recommended-for-you`. All other page_optimization_event_type allow all Model.types.
@@ -474,29 +474,29 @@ 
Method Details

       { # An individual panel with a list of ServingConfigs to consider for it.
         "candidates": [ # Required. The candidates to consider on the panel. Limit = 10.
           { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates.
-            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+            "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
           },
         ],
-        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate (in case the model fails at serving time, we can fall back to the default).
-          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'
+        "defaultCandidate": { # A candidate to consider for a given panel. Currently only ServingConfig are valid candidates. # Required. The default candidate. If the model fails at serving time, we fall back to the default.
+          "servingConfigId": "A String", # This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.
         },
         "displayName": "A String", # Optional. The name to display for the panel.
       },
     ],
     "restriction": "A String", # Optional. How to restrict results across panels e.g. can the same ServingConfig be shown on multiple panels at once. If unspecified, default to `UNIQUE_MODEL_RESTRICTION`.
   },
-  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
   "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
-    { # Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.
-      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
         "A String",
       ],
     },
   ],
-  "servingState": "A String", # Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.
-  "trainingState": "A String", # Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
   "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
-  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
   "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
 }

 

@@ -506,7 +506,7 @@ 
Method Details

   
Tunes an existing model.
 
 Args:
-  name: string, Required. The resource name of the model to tune. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} (required)
+  name: string, Required. The resource name of the model to tune. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html
index d2545d5b716..12ea4dd1d3c 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html
@@ -82,7 +82,7 @@ 
Instance Methods

 
Makes a recommendation prediction.

 

   search(placement, body=None, x__xgafv=None)

-
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   search_next()

 
Retrieves the next page of results.

@@ -139,7 +139,7 @@ 
Method Details

     "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
     "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
     ],
     "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -172,7 +172,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -209,6 +209,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -319,7 +361,7 @@ 
Method Details

 
 

     search(placement, body=None, x__xgafv=None)
-  
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   placement: string, Required. The resource name of the Retail Search serving config, such as `projects/*/locations/global/catalogs/default_catalog/servingConfigs/default_serving_config` or the name of the legacy placement resource, such as `projects/*/locations/global/catalogs/default_catalog/placements/default_search`. This field is used to identify the serving configuration name and the set of models that will be used to make the search. (required)
@@ -380,12 +422,12 @@ 
Method Details

   },
   "offset": 42, # A 0-indexed integer that specifies the current offset (that is, starting result location, amongst the Products deemed by the API as relevant) in search results. This field is only considered if page_token is unset. If this field is negative, an INVALID_ARGUMENT is returned.
   "orderBy": "A String", # The order in which products are returned. Products can be ordered by a field in an Product object. Leave it unset if ordered by relevance. OrderBy expression is case-sensitive. See more details at this [user guide](https://cloud.google.com/retail/docs/filter-and-order#order). If this field is unrecognizable, an INVALID_ARGUMENT is returned.
-  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
+  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
     "A String",
   ],
   "pageSize": 42, # Maximum number of Products to return. If unspecified, defaults to a reasonable value. The maximum allowed value is 120. Values above 120 will be coerced to 120. If this field is negative, an INVALID_ARGUMENT is returned.
   "pageToken": "A String", # A page token SearchResponse.next_page_token, received from a previous SearchService.Search call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to SearchService.Search must match the call that provided the page token. Otherwise, an INVALID_ARGUMENT error is returned.
-  "personalizationSpec": { # The specification for personalization. # The specification for personalization.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
     "mode": "A String", # Defaults to Mode.AUTO.
   },
   "query": "A String", # Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.
@@ -493,7 +535,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -530,6 +572,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.servingConfigs.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.servingConfigs.html
index e90b9d8e569..b640790ab7f 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.servingConfigs.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.servingConfigs.html
@@ -106,7 +106,7 @@ 
Instance Methods

 
Disables a Control on the specified ServingConfig. The control is removed from the ServingConfig. Returns a NOT_FOUND error if the Control is not enabled for the ServingConfig.

 

   search(placement, body=None, x__xgafv=None)

-
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   search_next()

 
Retrieves the next page of results.

@@ -116,7 +116,7 @@ 
Method Details

   
Enables a Control on the specified ServingConfig. The control is added in the last position of the list of controls it belongs to (e.g. if it's a facet spec control it will be applied in the last position of servingConfig.facetSpecIds) Returns a ALREADY_EXISTS error if the control has already been applied. Returns a FAILED_PRECONDITION error if the addition could exceed maximum number of control allowed for that type of control.
 
 Args:
-  servingConfig: string, Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  servingConfig: string, Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
@@ -132,19 +132,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -154,12 +155,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -189,19 +193,20 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -211,12 +216,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -240,19 +248,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -262,12 +271,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -288,7 +300,7 @@ 
Method Details

   
Deletes a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.
 
 Args:
-  name: string, Required. The resource name of the ServingConfig to delete. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  name: string, Required. The resource name of the ServingConfig to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -306,7 +318,7 @@ 
Method Details

   
Gets a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.
 
 Args:
-  name: string, Required. The resource name of the ServingConfig to get. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  name: string, Required. The resource name of the ServingConfig to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -315,19 +327,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -337,12 +350,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -363,7 +379,7 @@ 
Method Details

   
Lists all ServingConfigs linked to this catalog.
 
 Args:
-  parent: string, Required. The catalog resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id} (required)
+  parent: string, Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
   pageSize: integer, Optional. Maximum number of results to return. If unspecified, defaults to 100. If a value greater than 100 is provided, at most 100 results are returned.
   pageToken: string, Optional. A page token, received from a previous `ListServingConfigs` call. Provide this to retrieve the subsequent page.
   x__xgafv: string, V1 error format.
@@ -377,19 +393,20 @@ 
Method Details

     { # Response for ListServingConfigs method.
   "nextPageToken": "A String", # Pagination token, if not returned indicates the last page.
   "servingConfigs": [ # All the ServingConfigs for a given catalog.
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
       "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
       "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-      "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
       "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
       "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
       },
-      "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
       "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
@@ -399,12 +416,15 @@ 
Method Details

       "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
-      "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
       "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
       "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
-      "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+        "mode": "A String", # Defaults to Mode.AUTO.
+      },
+      "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
       "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
@@ -445,19 +465,20 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -467,12 +488,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -496,19 +520,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -518,12 +543,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -586,7 +614,7 @@ 
Method Details

     "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
     "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
     ],
     "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -619,7 +647,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -656,6 +684,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -769,7 +839,7 @@ 
Method Details

   
Disables a Control on the specified ServingConfig. The control is removed from the ServingConfig. Returns a NOT_FOUND error if the Control is not enabled for the ServingConfig.
 
 Args:
-  servingConfig: string, Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  servingConfig: string, Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
@@ -785,19 +855,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -807,12 +878,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -830,7 +904,7 @@ 
Method Details

 
 

     search(placement, body=None, x__xgafv=None)
-  
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   placement: string, Required. The resource name of the Retail Search serving config, such as `projects/*/locations/global/catalogs/default_catalog/servingConfigs/default_serving_config` or the name of the legacy placement resource, such as `projects/*/locations/global/catalogs/default_catalog/placements/default_search`. This field is used to identify the serving configuration name and the set of models that will be used to make the search. (required)
@@ -891,12 +965,12 @@ 
Method Details

   },
   "offset": 42, # A 0-indexed integer that specifies the current offset (that is, starting result location, amongst the Products deemed by the API as relevant) in search results. This field is only considered if page_token is unset. If this field is negative, an INVALID_ARGUMENT is returned.
   "orderBy": "A String", # The order in which products are returned. Products can be ordered by a field in an Product object. Leave it unset if ordered by relevance. OrderBy expression is case-sensitive. See more details at this [user guide](https://cloud.google.com/retail/docs/filter-and-order#order). If this field is unrecognizable, an INVALID_ARGUMENT is returned.
-  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
+  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
     "A String",
   ],
   "pageSize": 42, # Maximum number of Products to return. If unspecified, defaults to a reasonable value. The maximum allowed value is 120. Values above 120 will be coerced to 120. If this field is negative, an INVALID_ARGUMENT is returned.
   "pageToken": "A String", # A page token SearchResponse.next_page_token, received from a previous SearchService.Search call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to SearchService.Search must match the call that provided the page token. Otherwise, an INVALID_ARGUMENT error is returned.
-  "personalizationSpec": { # The specification for personalization. # The specification for personalization.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
     "mode": "A String", # Defaults to Mode.AUTO.
   },
   "query": "A String", # Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.
@@ -1004,7 +1078,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1041,6 +1115,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html
index 051515e6915..978ac999b68 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html
@@ -82,13 +82,13 @@ 
Instance Methods

 
Writes a single user event from the browser. This uses a GET request to due to browser restriction of POST-ing to a 3rd party domain. This method is used only by the Retail API JavaScript pixel and Google Tag Manager. Users should not call this method directly.

 

   import_(parent, body=None, x__xgafv=None)

-
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.

+
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.

 

   purge(parent, body=None, x__xgafv=None)

 
Deletes permanently all user events specified by the filter provided. Depending on the number of events specified by the filter, this operation could take hours or days to complete. To test a filter, use the list command first.

 

   rejoin(parent, body=None, x__xgafv=None)

-
Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.

+
Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.

 

   write(parent, body=None, x__xgafv=None)

 
Writes a single user event.

@@ -128,7 +128,7 @@ 
Method Details

 
 

     import_(parent, body=None, x__xgafv=None)
-  
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.
+  
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.
 
 Args:
   parent: string, Required. `projects/1234/locations/global/catalogs/default_catalog` (required)
@@ -137,7 +137,7 @@ 
Method Details

 
 { # Request message for the ImportUserEvents request.
   "errorsConfig": { # Configuration of destination for Import related errors. # The desired location of errors incurred during the Import. Cannot be set for inline user event imports.
-    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
+    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
   },
   "inputConfig": { # The input config source for user events. # Required. The desired input location of the data.
     "bigQuerySource": { # BigQuery source import data from. # Required. BigQuery input source.
@@ -152,8 +152,8 @@ 
Method Details

       "projectId": "A String", # The project ID (can be project # or ID) that the BigQuery source is in with a length limit of 128 characters. If not specified, inherits the project ID from the parent request.
       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
-    "gcsSource": { # Google Cloud Storage location for input content. format. # Required. Google Cloud Storage location for the input content.
-      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.
+    "gcsSource": { # Google Cloud Storage location for input content. # Required. Google Cloud Storage location for the input content.
+      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.
       "inputUris": [ # Required. Google Cloud Storage URIs to input files. URI can be up to 2000 characters long. URIs can match the full object path (for example, `gs://bucket/directory/object.json`) or a pattern matching one or more files, such as `gs://bucket/directory/*.json`. A request can contain at most 100 files, and each file can be up to 2 GB. See [Importing product information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) for the expected file format and setup instructions.
         "A String",
       ],
@@ -188,7 +188,7 @@ 
Method Details

           "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
           "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
           "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-          "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+          "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
             "A String",
           ],
           "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -221,7 +221,7 @@ 
Method Details

                 "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
                   "A String",
                 ],
-                "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+                "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
                   "A String",
                 ],
                 "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -258,6 +258,48 @@ 
Method Details

                   },
                 ],
                 "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+                "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+                  { # The inventory information at a place (e.g. a store) identified by a place ID.
+                    "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                      "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                        "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                        "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                          3.14,
+                        ],
+                        "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                        "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                          "A String",
+                        ],
+                      },
+                    },
+                    "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                      "A String",
+                    ],
+                    "placeId": "A String", # The place ID for the current set of inventory information.
+                    "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                      "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                      "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                      "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                      "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                      "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                      "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                      "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                        "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                          "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                          "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                          "maximum": 3.14, # Inclusive upper bound.
+                          "minimum": 3.14, # Inclusive lower bound.
+                        },
+                        "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                          "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                          "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                          "maximum": 3.14, # Inclusive upper bound.
+                          "minimum": 3.14, # Inclusive lower bound.
+                        },
+                      },
+                    },
+                  },
+                ],
                 "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
                   "A String",
                 ],
@@ -417,7 +459,7 @@ 
Method Details

 
 

     rejoin(parent, body=None, x__xgafv=None)
-  
Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.
+  
Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.
 
 Args:
   parent: string, Required. The parent catalog resource name, such as `projects/1234/locations/global/catalogs/default_catalog`. (required)
@@ -425,7 +467,7 @@ 
Method Details

     The object takes the form of:
 
 { # Request message for RejoinUserEvents method.
-  "userEventRejoinScope": "A String", # The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to USER_EVENT_REJOIN_SCOPE_UNSPECIFIED if this field is not set, or set to an invalid integer value.
+  "userEventRejoinScope": "A String", # The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is not set, or set to an invalid integer value.
 }
 
   x__xgafv: string, V1 error format.
@@ -494,7 +536,7 @@ 
Method Details

   "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
   "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "A String",
   ],
   "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -527,7 +569,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -564,6 +606,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
@@ -681,7 +765,7 @@ 
Method Details

   "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
   "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "A String",
   ],
   "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -714,7 +798,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -751,6 +835,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.branches.products.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.branches.products.html
index 8fb6f935dc3..3587d8d39fa 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.branches.products.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.branches.products.html
@@ -76,10 +76,10 @@ 
Retail API . 
   addFulfillmentPlaces(product, body=None, x__xgafv=None)

-
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   addLocalInventories(product, body=None, x__xgafv=None)

-
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   close()

 
Close httplib2 connections.

@@ -106,17 +106,17 @@ 
Instance Methods

 
Updates a Product.

 

   removeFulfillmentPlaces(product, body=None, x__xgafv=None)

-
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   removeLocalInventories(product, body=None, x__xgafv=None)

-
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   setInventory(name, body=None, x__xgafv=None)

-
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 
Method Details

 

     addFulfillmentPlaces(product, body=None, x__xgafv=None)
-  
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -163,7 +163,7 @@ 
Method Details

 
 

     addLocalInventories(product, body=None, x__xgafv=None)
-  
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -288,7 +288,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -325,6 +325,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -420,7 +462,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -457,6 +499,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -576,7 +660,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -613,6 +697,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -684,7 +810,7 @@ 
Method Details

 
 { # Request message for Import methods.
   "errorsConfig": { # Configuration of destination for Import related errors. # The desired location of errors incurred during the Import.
-    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
+    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
   },
   "inputConfig": { # The input config source for products. # Required. The desired input location of the data.
     "bigQuerySource": { # BigQuery source import data from. # BigQuery input source.
@@ -699,8 +825,8 @@ 
Method Details

       "projectId": "A String", # The project ID (can be project # or ID) that the BigQuery source is in with a length limit of 128 characters. If not specified, inherits the project ID from the parent request.
       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
-    "gcsSource": { # Google Cloud Storage location for input content. format. # Google Cloud Storage location for the input content.
-      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.
+    "gcsSource": { # Google Cloud Storage location for input content. # Google Cloud Storage location for the input content.
+      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.
       "inputUris": [ # Required. Google Cloud Storage URIs to input files. URI can be up to 2000 characters long. URIs can match the full object path (for example, `gs://bucket/directory/object.json`) or a pattern matching one or more files, such as `gs://bucket/directory/*.json`. A request can contain at most 100 files, and each file can be up to 2 GB. See [Importing product information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) for the expected file format and setup instructions.
         "A String",
       ],
@@ -734,7 +860,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -771,6 +897,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -832,10 +1000,10 @@ 
Method Details

       ],
     },
   },
-  "notificationPubsubTopic": "A String", # Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.
+  "notificationPubsubTopic": "A String", # Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.
   "reconciliationMode": "A String", # The mode of reconciliation between existing products and the products to be imported. Defaults to ReconciliationMode.INCREMENTAL.
   "requestId": "A String", # Deprecated. This field has no effect.
-  "updateMask": "A String", # Indicates which fields in the provided imported 'products' to update. If not set, will by default update all fields.
+  "updateMask": "A String", # Indicates which fields in the provided imported `products` to update. If not set, all fields are updated.
 }
 
   x__xgafv: string, V1 error format.
@@ -915,7 +1083,7 @@ 
Method Details

       "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
         "A String",
       ],
-      "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+      "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
         "A String",
       ],
       "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -952,6 +1120,48 @@ 
Method Details

         },
       ],
       "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+      "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+        { # The inventory information at a place (e.g. a store) identified by a place ID.
+          "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+            "a_key": { # A custom attribute that is not explicitly modeled in Product.
+              "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+              "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                3.14,
+              ],
+              "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+              "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+            },
+          },
+          "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+          "placeId": "A String", # The place ID for the current set of inventory information.
+          "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+            "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+            "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+            "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+            "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+            "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+            "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+            "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+              "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                "maximum": 3.14, # Inclusive upper bound.
+                "minimum": 3.14, # Inclusive lower bound.
+              },
+              "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                "maximum": 3.14, # Inclusive upper bound.
+                "minimum": 3.14, # Inclusive lower bound.
+              },
+            },
+          },
+        },
+      ],
       "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
         "A String",
       ],
@@ -1064,7 +1274,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1101,6 +1311,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -1197,7 +1449,7 @@ 
Method Details

   "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
     "A String",
   ],
-  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+  "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
     "A String",
   ],
   "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1234,6 +1486,48 @@ 
Method Details

     },
   ],
   "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+  "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+    { # The inventory information at a place (e.g. a store) identified by a place ID.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+        "a_key": { # A custom attribute that is not explicitly modeled in Product.
+          "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+          "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            3.14,
+          ],
+          "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+          "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+            "A String",
+          ],
+        },
+      },
+      "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+        "A String",
+      ],
+      "placeId": "A String", # The place ID for the current set of inventory information.
+      "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+        "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+        "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+        "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+        "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+        "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+        "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+          "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+          "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+            "exclusiveMaximum": 3.14, # Exclusive upper bound.
+            "exclusiveMinimum": 3.14, # Exclusive lower bound.
+            "maximum": 3.14, # Inclusive upper bound.
+            "minimum": 3.14, # Inclusive lower bound.
+          },
+        },
+      },
+    },
+  ],
   "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
     "A String",
   ],
@@ -1296,7 +1590,7 @@ 
Method Details

 
 

     removeFulfillmentPlaces(product, body=None, x__xgafv=None)
-  
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -1343,7 +1637,7 @@ 
Method Details

 
 

     removeLocalInventories(product, body=None, x__xgafv=None)
-  
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   product: string, Required. Full resource name of Product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/some_product_id`. If the caller does not have permission to access the Product, regardless of whether or not it exists, a PERMISSION_DENIED error is returned. (required)
@@ -1389,7 +1683,7 @@ 
Method Details

 
 

     setInventory(name, body=None, x__xgafv=None)
-  
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   name: string, Immutable. Full resource name of the product, such as `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/product_id`. (required)
@@ -1425,7 +1719,7 @@ 
Method Details

     "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
       "A String",
     ],
-    "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+    "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
       "A String",
     ],
     "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1462,6 +1756,48 @@ 
Method Details

       },
     ],
     "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+    "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+      { # The inventory information at a place (e.g. a store) identified by a place ID.
+        "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+          "a_key": { # A custom attribute that is not explicitly modeled in Product.
+            "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+            "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+              3.14,
+            ],
+            "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+            "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+          },
+        },
+        "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+          "A String",
+        ],
+        "placeId": "A String", # The place ID for the current set of inventory information.
+        "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+          "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+          "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+          "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+          "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+          "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+          "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+          "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+            "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+              "exclusiveMaximum": 3.14, # Exclusive upper bound.
+              "exclusiveMinimum": 3.14, # Exclusive lower bound.
+              "maximum": 3.14, # Inclusive upper bound.
+              "minimum": 3.14, # Inclusive lower bound.
+            },
+            "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+              "exclusiveMaximum": 3.14, # Exclusive upper bound.
+              "exclusiveMinimum": 3.14, # Exclusive lower bound.
+              "maximum": 3.14, # Inclusive upper bound.
+              "minimum": 3.14, # Inclusive lower bound.
+            },
+          },
+        },
+      },
+    ],
     "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
       "A String",
     ],
diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.completionData.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.completionData.html
index a429ef105e7..74f3db9434d 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.completionData.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.completionData.html
@@ -79,7 +79,7 @@ 
Instance Methods

 
Close httplib2 connections.

 

   import_(parent, body=None, x__xgafv=None)

-
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 
Method Details

 

     close()
@@ -88,7 +88,7 @@ 
Method Details

 
 

     import_(parent, body=None, x__xgafv=None)
-  
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   parent: string, Required. The catalog which the suggestions dataset belongs to. Format: `projects/1234/locations/global/catalogs/default_catalog`. (required)
@@ -110,7 +110,7 @@ 
Method Details

       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
   },
-  "notificationPubsubTopic": "A String", # Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.
+  "notificationPubsubTopic": "A String", # Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.
 }
 
   x__xgafv: string, V1 error format.
diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.controls.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.controls.html
index d393a9948fb..2a8ca578ae0 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.controls.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.controls.html
@@ -88,13 +88,13 @@ 
Instance Methods

 
Gets a Control.

 

   list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)

-
Lists all Controls linked to this catalog.

+
Lists all Controls by their parent Catalog.

 

   list_next()

 
Retrieves the next page of results.

 

   patch(name, body=None, updateMask=None, x__xgafv=None)

-
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to delete does not exist, a NOT_FOUND error is returned.

+
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.

 
Method Details

 

     close()
@@ -110,12 +110,12 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+{ # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -147,7 +147,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -162,7 +162,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -212,7 +212,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }
@@ -226,12 +229,12 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -263,7 +266,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -278,7 +281,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -328,7 +331,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }

@@ -357,7 +363,7 @@ 
Method Details

   
Gets a Control.
 
 Args:
-  name: string, Required. The resource name of the Control to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}` (required)
+  name: string, Required. The resource name of the Control to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -366,12 +372,12 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -403,7 +409,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -418,7 +424,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -468,7 +474,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }

@@ -476,7 +485,7 @@ 
Method Details

 
 

     list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)
-  
Lists all Controls linked to this catalog.
+  
Lists all Controls by their parent Catalog.
 
 Args:
   parent: string, Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
@@ -493,12 +502,12 @@ 
Method Details

 
     { # Response for ListControls method.
   "controls": [ # All the Controls for a given catalog.
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-      "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+      "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
         "A String",
       ],
       "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-      "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+      "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
         "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
         "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
           "A String",
@@ -530,7 +539,7 @@ 
Method Details

         "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
       },
       "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-      "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+      "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
         "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
           "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
           "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -545,7 +554,7 @@ 
Method Details

           "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
             { # Query terms that we want to match on.
               "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-              "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+              "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
             },
           ],
         },
@@ -595,7 +604,10 @@ 
Method Details

           ],
         },
       },
-      "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+      "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+        "A String",
+      ],
+      "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
         "A String",
       ],
     },
@@ -620,19 +632,19 @@ 
Method Details

 
 

     patch(name, body=None, updateMask=None, x__xgafv=None)
-  
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to delete does not exist, a NOT_FOUND error is returned.
+  
Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.
 
 Args:
   name: string, Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*` (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+{ # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -664,7 +676,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -679,7 +691,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -729,7 +741,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }
@@ -743,12 +758,12 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.
-  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.
+    { # Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.
+  "associatedServingConfigIds": [ # Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.
-  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search.
+  "facetSpec": { # A facet specification to perform faceted search. # A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control.
     "enableDynamicPosition": True or False, # Enables dynamic position for this facet. If set to true, the position of this facet among all facets in the response is determined by Google Retail Search. It will be ordered together with dynamic facets if dynamic facets is enabled. If set to false, the position of this facet in the response will be the same as in the request, and it will be ranked before the facets with dynamic position enable and all dynamic facets. For example, you may always want to have rating facet returned in the response, but it's not necessarily to always display the rating facet at the top. In that case, you can set enable_dynamic_position to true so that the position of rating facet in response will be determined by Google Retail Search. Another example, assuming you have the following facets in the request: * "rating", enable_dynamic_position = true * "price", enable_dynamic_position = false * "brands", enable_dynamic_position = false And also you have a dynamic facets enable, which will generate a facet 'gender'. Then the final order of the facets in the response can be ("price", "brands", "rating", "gender") or ("price", "brands", "gender", "rating") depends on how Google Retail Search orders "gender" and "rating" facets. However, notice that "price" and "brands" will always be ranked at 1st and 2nd position since their enable_dynamic_position are false.
     "excludedFilterKeys": [ # List of keys to exclude when faceting. By default, FacetKey.key is not excluded from the filter unless it is listed in this field. Listing a facet key in this field allows its values to appear as facet results, even when they are filtered out of search results. Using this field does not affect what search results are returned. For example, suppose there are 100 products with the color facet "Red" and 200 products with the color facet "Blue". A query containing the filter "colorFamilies:ANY("Red")" and having "colorFamilies" as FacetKey.key would by default return only "Red" products in the search results, and also return "Red" with count 100 as the only color facet. Although there are also blue products available, "Blue" would not be shown as an available facet value. If "colorFamilies" is listed in "excludedFilterKeys", then the query returns the facet values "Red" with count 100 and "Blue" with count 200, because the "colorFamilies" key is now excluded from the filter. Because this field doesn't affect search results, the search results are still correctly filtered to return only "Red" products. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
@@ -780,7 +795,7 @@ 
Method Details

     "limit": 42, # Maximum of facet values that should be returned for this facet. If unspecified, defaults to 20. The maximum allowed value is 300. Values above 300 will be coerced to 300. If this field is negative, an INVALID_ARGUMENT is returned.
   },
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`
-  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
+  "rule": { # A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH. # A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost "gShoe" when query full matches "Running Shoes".
     "boostAction": { # A boost action to apply to results matching condition specified above. # A boost action.
       "boost": 3.14, # Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.
       "productsFilter": "A String", # The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID "product_1" or "product_2", and color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * *(colorFamilies: ANY("Red", "Blue")) *
@@ -795,7 +810,7 @@ 
Method Details

       "queryTerms": [ # A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).
         { # Query terms that we want to match on.
           "fullMatch": True or False, # Whether this is supposed to be a full or partial match.
-          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) "a b c" is 3 terms and allowed, " a b c d" is 4 terms and not allowed for partial match.
+          "value": "A String", # The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, "a b c" is 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a partial match.
         },
       ],
     },
@@ -845,7 +860,10 @@ 
Method Details

       ],
     },
   },
-  "solutionTypes": [ # Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
+  "searchSolutionUseCase": [ # Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.
+    "A String",
+  ],
+  "solutionTypes": [ # Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.
     "A String",
   ],
 }

diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.html
index 56a7d655247..5c78648b49d 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.html
@@ -94,6 +94,11 @@ 
Instance Methods

 

 
Returns the controls Resource.

 
+

+  models()
+

+
Returns the models Resource.

+
 

   operations()
 

@@ -119,7 +124,7 @@ 
Instance Methods

 
Close httplib2 connections.

 

   completeQuery(catalog, dataset=None, deviceType=None, languageCodes=None, maxSuggestions=None, query=None, visitorId=None, x__xgafv=None)

-
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   getAttributesConfig(name, x__xgafv=None)

 
Gets an AttributesConfig.

@@ -155,7 +160,7 @@ 
Method Details

 
 

     completeQuery(catalog, dataset=None, deviceType=None, languageCodes=None, maxSuggestions=None, query=None, visitorId=None, x__xgafv=None)
-  
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   catalog: string, Required. Catalog for which the completion is performed. Full resource name of catalog, such as `projects/*/locations/global/catalogs/default_catalog`. (required)
@@ -237,7 +242,7 @@ 
Method Details

   
Gets a CompletionConfig.
 
 Args:
-  name: string, Required. Full CompletionConfig resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig (required)
+  name: string, Required. Full CompletionConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.models.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.models.html
new file mode 100644
index 00000000000..d9b369a8df4
--- /dev/null
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.models.html
@@ -0,0 +1,443 @@
+
+
+
+
Retail API . projects . locations . catalogs . models

+
Instance Methods

+

+  close()

+
Close httplib2 connections.

+

+  create(parent, body=None, dryRun=None, x__xgafv=None)

+
Creates a new model.

+

+  delete(name, x__xgafv=None)

+
Deletes an existing model.

+

+  list(parent, pageSize=None, pageToken=None, x__xgafv=None)

+
Lists all the models linked to this event store.

+

+  list_next()

+
Retrieves the next page of results.

+

+  patch(name, body=None, updateMask=None, x__xgafv=None)

+
Update of model metadata. Only fields that currently can be updated are: `filtering_option` and `periodic_tuning_state`. If other values are provided, this API method ignores them.

+

+  pause(name, body=None, x__xgafv=None)

+
Pauses the training of an existing model.

+

+  resume(name, body=None, x__xgafv=None)

+
Resumes the training of an existing model.

+

+  tune(name, body=None, x__xgafv=None)

+
Tunes an existing model.

+
Method Details

+

+    close()
+  
Close httplib2 connections.

+

+
+

+    create(parent, body=None, dryRun=None, x__xgafv=None)
+  
Creates a new model.
+
+Args:
+  parent: string, Required. The parent resource under which to create the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
+  "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
+  "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
+  "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
+        "A String",
+      ],
+    },
+  ],
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
+  "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
+  "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
+}
+
+  dryRun: boolean, Optional. Whether to run a dry run to validate the request (without actually creating the model).
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}

+

+
+

+    delete(name, x__xgafv=None)
+  
Deletes an existing model.
+
+Args:
+  name: string, Required. The resource name of the Model to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
+}

+

+
+

+    list(parent, pageSize=None, pageToken=None, x__xgafv=None)
+  
Lists all the models linked to this event store.
+
+Args:
+  parent: string, Required. The parent for which to list models. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
+  pageSize: integer, Optional. Maximum number of results to return. If unspecified, defaults to 50. Max allowed value is 1000.
+  pageToken: string, Optional. A page token, received from a previous `ListModels` call. Provide this to retrieve the subsequent page.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response to a ListModelRequest.
+  "models": [ # List of Models.
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
+      "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
+      "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+      "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+      "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
+      "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
+      "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+      "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
+      "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
+      "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
+        { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+          "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
+            "A String",
+          ],
+        },
+      ],
+      "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+      "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
+      "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
+      "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
+      "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
+    },
+  ],
+  "nextPageToken": "A String", # Pagination token, if not returned indicates the last page.
+}

+

+
+

+    list_next()
+  
Retrieves the next page of results.
+
+        Args:
+          previous_request: The request for the previous page. (required)
+          previous_response: The response from the request for the previous page. (required)
+
+        Returns:
+          A request object that you can call 'execute()' on to request the next
+          page. Returns None if there are no more items in the collection.
+        

+

+
+

+    patch(name, body=None, updateMask=None, x__xgafv=None)
+  
Update of model metadata. Only fields that currently can be updated are: `filtering_option` and `periodic_tuning_state`. If other values are provided, this API method ignores them.
+
+Args:
+  name: string, Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
+  "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
+  "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
+  "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
+        "A String",
+      ],
+    },
+  ],
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
+  "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
+  "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
+}
+
+  updateMask: string, Optional. Indicates which fields in the provided 'model' to update. If not set, by default updates all fields.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
+  "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
+  "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
+  "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
+        "A String",
+      ],
+    },
+  ],
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
+  "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
+  "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
+}

+

+
+

+    pause(name, body=None, x__xgafv=None)
+  
Pauses the training of an existing model.
+
+Args:
+  name: string, Required. The name of the model to pause. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request for pausing training of a model.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
+  "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
+  "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
+  "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
+        "A String",
+      ],
+    },
+  ],
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
+  "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
+  "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
+}

+

+
+

+    resume(name, body=None, x__xgafv=None)
+  
Resumes the training of an existing model.
+
+Args:
+  name: string, Required. The name of the model to resume. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request for resuming training of a model.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.
+  "createTime": "A String", # Output only. Timestamp the Recommendation Model was created at.
+  "dataState": "A String", # Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.
+  "displayName": "A String", # Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.
+  "filteringOption": "A String", # Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.
+  "lastTuneTime": "A String", # Output only. The timestamp when the latest successful tune finished.
+  "name": "A String", # Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.
+  "optimizationObjective": "A String", # Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`
+  "periodicTuningState": "A String", # Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.
+  "servingConfigLists": [ # Output only. The list of valid serving configs associated with the PageOptimizationConfig.
+    { # Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.
+      "servingConfigIds": [ # Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.
+        "A String",
+      ],
+    },
+  ],
+  "servingState": "A String", # Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.
+  "trainingState": "A String", # Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.
+  "tuningOperation": "A String", # Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.
+  "type": "A String", # Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).
+  "updateTime": "A String", # Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.
+}

+

+
+

+    tune(name, body=None, x__xgafv=None)
+  
Tunes an existing model.
+
+Args:
+  name: string, Required. The resource name of the model to tune. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request to manually start a tuning process now (instead of waiting for the periodically scheduled tuning to happen).
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}

+

+
+
\ No newline at end of file
diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html
index 95eb594be6a..a5e950f907d 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html
@@ -82,7 +82,7 @@ 
Instance Methods

 
Makes a recommendation prediction.

 

   search(placement, body=None, x__xgafv=None)

-
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   search_next()

 
Retrieves the next page of results.

@@ -139,7 +139,7 @@ 
Method Details

     "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
     "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
     ],
     "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -172,7 +172,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -209,6 +209,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -319,7 +361,7 @@ 
Method Details

 
 

     search(placement, body=None, x__xgafv=None)
-  
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   placement: string, Required. The resource name of the Retail Search serving config, such as `projects/*/locations/global/catalogs/default_catalog/servingConfigs/default_serving_config` or the name of the legacy placement resource, such as `projects/*/locations/global/catalogs/default_catalog/placements/default_search`. This field is used to identify the serving configuration name and the set of models that will be used to make the search. (required)
@@ -380,12 +422,12 @@ 
Method Details

   },
   "offset": 42, # A 0-indexed integer that specifies the current offset (that is, starting result location, amongst the Products deemed by the API as relevant) in search results. This field is only considered if page_token is unset. If this field is negative, an INVALID_ARGUMENT is returned.
   "orderBy": "A String", # The order in which products are returned. Products can be ordered by a field in an Product object. Leave it unset if ordered by relevance. OrderBy expression is case-sensitive. See more details at this [user guide](https://cloud.google.com/retail/docs/filter-and-order#order). If this field is unrecognizable, an INVALID_ARGUMENT is returned.
-  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
+  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
     "A String",
   ],
   "pageSize": 42, # Maximum number of Products to return. If unspecified, defaults to a reasonable value. The maximum allowed value is 120. Values above 120 will be coerced to 120. If this field is negative, an INVALID_ARGUMENT is returned.
   "pageToken": "A String", # A page token SearchResponse.next_page_token, received from a previous SearchService.Search call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to SearchService.Search must match the call that provided the page token. Otherwise, an INVALID_ARGUMENT error is returned.
-  "personalizationSpec": { # The specification for personalization. # The specification for personalization.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
     "mode": "A String", # Defaults to Mode.AUTO.
   },
   "query": "A String", # Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.
@@ -492,7 +534,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -529,6 +571,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.servingConfigs.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.servingConfigs.html
index 231a769a3af..c7699d5464a 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.servingConfigs.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.servingConfigs.html
@@ -106,7 +106,7 @@ 
Instance Methods

 
Disables a Control on the specified ServingConfig. The control is removed from the ServingConfig. Returns a NOT_FOUND error if the Control is not enabled for the ServingConfig.

 

   search(placement, body=None, x__xgafv=None)

-
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.

+
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.

 

   search_next()

 
Retrieves the next page of results.

@@ -116,7 +116,7 @@ 
Method Details

   
Enables a Control on the specified ServingConfig. The control is added in the last position of the list of controls it belongs to (e.g. if it's a facet spec control it will be applied in the last position of servingConfig.facetSpecIds) Returns a ALREADY_EXISTS error if the control has already been applied. Returns a FAILED_PRECONDITION error if the addition could exceed maximum number of control allowed for that type of control.
 
 Args:
-  servingConfig: string, Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  servingConfig: string, Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
@@ -132,19 +132,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -154,12 +155,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -189,19 +193,20 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -211,12 +216,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -240,19 +248,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -262,12 +271,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -288,7 +300,7 @@ 
Method Details

   
Deletes a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.
 
 Args:
-  name: string, Required. The resource name of the ServingConfig to delete. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  name: string, Required. The resource name of the ServingConfig to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -306,7 +318,7 @@ 
Method Details

   
Gets a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.
 
 Args:
-  name: string, Required. The resource name of the ServingConfig to get. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  name: string, Required. The resource name of the ServingConfig to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -315,19 +327,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -337,12 +350,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -363,7 +379,7 @@ 
Method Details

   
Lists all ServingConfigs linked to this catalog.
 
 Args:
-  parent: string, Required. The catalog resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id} (required)
+  parent: string, Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}` (required)
   pageSize: integer, Optional. Maximum number of results to return. If unspecified, defaults to 100. If a value greater than 100 is provided, at most 100 results are returned.
   pageToken: string, Optional. A page token, received from a previous `ListServingConfigs` call. Provide this to retrieve the subsequent page.
   x__xgafv: string, V1 error format.
@@ -377,19 +393,20 @@ 
Method Details

     { # Response for ListServingConfigs method.
   "nextPageToken": "A String", # Pagination token, if not returned indicates the last page.
   "servingConfigs": [ # All the ServingConfigs for a given catalog.
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
       "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
       "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-      "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
       "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
       "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
       },
-      "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
       "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
@@ -399,12 +416,15 @@ 
Method Details

       "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
-      "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
       "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
       "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
-      "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+      "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+        "mode": "A String", # Defaults to Mode.AUTO.
+      },
+      "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
       "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
         "A String",
       ],
@@ -445,19 +465,20 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+{ # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -467,12 +488,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -496,19 +520,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -518,12 +543,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -586,7 +614,7 @@ 
Method Details

     "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
     "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+    "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
       "A String",
     ],
     "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -619,7 +647,7 @@ 
Method Details

           "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
             "A String",
           ],
-          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+          "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
             "A String",
           ],
           "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -656,6 +684,48 @@ 
Method Details

             },
           ],
           "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+          "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+            { # The inventory information at a place (e.g. a store) identified by a place ID.
+              "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                  "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                  "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    3.14,
+                  ],
+                  "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                  "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                    "A String",
+                  ],
+                },
+              },
+              "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                "A String",
+              ],
+              "placeId": "A String", # The place ID for the current set of inventory information.
+              "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                  "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                  "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                    "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                    "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                    "maximum": 3.14, # Inclusive upper bound.
+                    "minimum": 3.14, # Inclusive lower bound.
+                  },
+                },
+              },
+            },
+          ],
           "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
             "A String",
           ],
@@ -769,7 +839,7 @@ 
Method Details

   
Disables a Control on the specified ServingConfig. The control is removed from the ServingConfig. Returns a NOT_FOUND error if the Control is not enabled for the ServingConfig.
 
 Args:
-  servingConfig: string, Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id} (required)
+  servingConfig: string, Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}` (required)
   body: object, The request body.
     The object takes the form of:
 
@@ -785,19 +855,20 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.
+    { # Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).
   "boostControlIds": [ # Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "displayName": "A String", # Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
-  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityLevel": "A String", # How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "diversityType": "A String", # What kind of diversity to use - data driven or rule based.
   "doNotAssociateControlIds": [ # Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
   "dynamicFacetSpec": { # The specifications of dynamically generated facets. # The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "mode": "A String", # Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's unset.
   },
-  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "enableCategoryFilterLevel": "A String", # Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "facetControlIds": [ # Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -807,12 +878,15 @@ 
Method Details

   "ignoreControlIds": [ # Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "modelId": "A String", # The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "modelId": "A String", # The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "name": "A String", # Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`
   "onewaySynonymsControlIds": [ # Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
-  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
+    "mode": "A String", # Defaults to Mode.AUTO.
+  },
+  "priceRerankingLevel": "A String", # How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.
   "redirectControlIds": [ # Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.
     "A String",
   ],
@@ -830,7 +904,7 @@ 
Method Details

 
 

     search(placement, body=None, x__xgafv=None)
-  
Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.
+  
Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.
 
 Args:
   placement: string, Required. The resource name of the Retail Search serving config, such as `projects/*/locations/global/catalogs/default_catalog/servingConfigs/default_serving_config` or the name of the legacy placement resource, such as `projects/*/locations/global/catalogs/default_catalog/placements/default_search`. This field is used to identify the serving configuration name and the set of models that will be used to make the search. (required)
@@ -891,12 +965,12 @@ 
Method Details

   },
   "offset": 42, # A 0-indexed integer that specifies the current offset (that is, starting result location, amongst the Products deemed by the API as relevant) in search results. This field is only considered if page_token is unset. If this field is negative, an INVALID_ARGUMENT is returned.
   "orderBy": "A String", # The order in which products are returned. Products can be ordered by a field in an Product object. Leave it unset if ordered by relevance. OrderBy expression is case-sensitive. See more details at this [user guide](https://cloud.google.com/retail/docs/filter-and-order#order). If this field is unrecognizable, an INVALID_ARGUMENT is returned.
-  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
+  "pageCategories": [ # The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"].
     "A String",
   ],
   "pageSize": 42, # Maximum number of Products to return. If unspecified, defaults to a reasonable value. The maximum allowed value is 120. Values above 120 will be coerced to 120. If this field is negative, an INVALID_ARGUMENT is returned.
   "pageToken": "A String", # A page token SearchResponse.next_page_token, received from a previous SearchService.Search call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to SearchService.Search must match the call that provided the page token. Otherwise, an INVALID_ARGUMENT error is returned.
-  "personalizationSpec": { # The specification for personalization. # The specification for personalization.
+  "personalizationSpec": { # The specification for personalization. # The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec.
     "mode": "A String", # Defaults to Mode.AUTO.
   },
   "query": "A String", # Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.
@@ -1003,7 +1077,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -1040,6 +1114,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html
index f444cc4f2d9..7ffc284c283 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html
@@ -82,13 +82,13 @@ 
Instance Methods

 
Writes a single user event from the browser. This uses a GET request to due to browser restriction of POST-ing to a 3rd party domain. This method is used only by the Retail API JavaScript pixel and Google Tag Manager. Users should not call this method directly.

 

   import_(parent, body=None, x__xgafv=None)

-
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.

+
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.

 

   purge(parent, body=None, x__xgafv=None)

 
Deletes permanently all user events specified by the filter provided. Depending on the number of events specified by the filter, this operation could take hours or days to complete. To test a filter, use the list command first.

 

   rejoin(parent, body=None, x__xgafv=None)

-
Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.

+
Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.

 

   write(parent, body=None, x__xgafv=None)

 
Writes a single user event.

@@ -128,7 +128,7 @@ 
Method Details

 
 

     import_(parent, body=None, x__xgafv=None)
-  
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.
+  
Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.
 
 Args:
   parent: string, Required. `projects/1234/locations/global/catalogs/default_catalog` (required)
@@ -137,7 +137,7 @@ 
Method Details

 
 { # Request message for the ImportUserEvents request.
   "errorsConfig": { # Configuration of destination for Import related errors. # The desired location of errors incurred during the Import. Cannot be set for inline user event imports.
-    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
+    "gcsPrefix": "A String", # Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.
   },
   "inputConfig": { # The input config source for user events. # Required. The desired input location of the data.
     "bigQuerySource": { # BigQuery source import data from. # Required. BigQuery input source.
@@ -152,8 +152,8 @@ 
Method Details

       "projectId": "A String", # The project ID (can be project # or ID) that the BigQuery source is in with a length limit of 128 characters. If not specified, inherits the project ID from the parent request.
       "tableId": "A String", # Required. The BigQuery table to copy the data from with a length limit of 1,024 characters.
     },
-    "gcsSource": { # Google Cloud Storage location for input content. format. # Required. Google Cloud Storage location for the input content.
-      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.
+    "gcsSource": { # Google Cloud Storage location for input content. # Required. Google Cloud Storage location for the input content.
+      "dataSchema": "A String", # The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.
       "inputUris": [ # Required. Google Cloud Storage URIs to input files. URI can be up to 2000 characters long. URIs can match the full object path (for example, `gs://bucket/directory/object.json`) or a pattern matching one or more files, such as `gs://bucket/directory/*.json`. A request can contain at most 100 files, and each file can be up to 2 GB. See [Importing product information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) for the expected file format and setup instructions.
         "A String",
       ],
@@ -188,7 +188,7 @@ 
Method Details

           "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
           "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
           "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-          "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+          "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
             "A String",
           ],
           "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -221,7 +221,7 @@ 
Method Details

                 "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
                   "A String",
                 ],
-                "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+                "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
                   "A String",
                 ],
                 "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -258,6 +258,48 @@ 
Method Details

                   },
                 ],
                 "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+                "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+                  { # The inventory information at a place (e.g. a store) identified by a place ID.
+                    "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+                      "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                        "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                        "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                          3.14,
+                        ],
+                        "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                        "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                          "A String",
+                        ],
+                      },
+                    },
+                    "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+                      "A String",
+                    ],
+                    "placeId": "A String", # The place ID for the current set of inventory information.
+                    "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+                      "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+                      "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+                      "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+                      "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+                      "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+                      "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+                      "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                        "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                          "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                          "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                          "maximum": 3.14, # Inclusive upper bound.
+                          "minimum": 3.14, # Inclusive lower bound.
+                        },
+                        "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                          "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                          "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                          "maximum": 3.14, # Inclusive upper bound.
+                          "minimum": 3.14, # Inclusive lower bound.
+                        },
+                      },
+                    },
+                  },
+                ],
                 "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
                   "A String",
                 ],
@@ -417,7 +459,7 @@ 
Method Details

 
 

     rejoin(parent, body=None, x__xgafv=None)
-  
Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.
+  
Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.
 
 Args:
   parent: string, Required. The parent catalog resource name, such as `projects/1234/locations/global/catalogs/default_catalog`. (required)
@@ -425,7 +467,7 @@ 
Method Details

     The object takes the form of:
 
 { # Request message for RejoinUserEvents method.
-  "userEventRejoinScope": "A String", # The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to USER_EVENT_REJOIN_SCOPE_UNSPECIFIED if this field is not set, or set to an invalid integer value.
+  "userEventRejoinScope": "A String", # The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is not set, or set to an invalid integer value.
 }
 
   x__xgafv: string, V1 error format.
@@ -494,7 +536,7 @@ 
Method Details

   "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
   "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "A String",
   ],
   "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -527,7 +569,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -564,6 +606,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
@@ -681,7 +765,7 @@ 
Method Details

   "filter": "A String", # The filter syntax consists of an expression language for constructing a predicate from one or more fields of the products being filtered. See SearchRequest.filter for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "offset": 42, # An integer that specifies the current offset for pagination (the 0-indexed starting location, amongst the products deemed by the API as relevant). See SearchRequest.offset for definition. If this field is negative, an INVALID_ARGUMENT is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
   "orderBy": "A String", # The order in which products are returned. See SearchRequest.order_by for definition and syntax. The value must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. This can only be set for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
-  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
+  "pageCategories": [ # The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.
     "A String",
   ],
   "pageViewId": "A String", # A unique ID of a web page view. This should be kept the same for all user events triggered from the same pageview. For example, an item detail page view could trigger multiple events as the user is browsing the page. The `pageViewId` property should be kept the same for all these events so that they can be grouped together properly. When using the client side event reporting with JavaScript pixel and Google Tag Manager, this value is filled in automatically.
@@ -714,7 +798,7 @@ 
Method Details

         "brands": [ # The brands of the product. A maximum of 30 brands are allowed. Each brand must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand).
           "A String",
         ],
-        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
+        "categories": [ # Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436
           "A String",
         ],
         "collectionMemberIds": [ # The id of the collection members when type is Type.COLLECTION. Non-existent product ids are allowed. The type of the members must be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT error is thrown. Should not set it for other types. A maximum of 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is return.
@@ -751,6 +835,48 @@ 
Method Details

           },
         ],
         "languageCode": "A String", # Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset.
+        "localInventories": [ # Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.
+          { # The inventory information at a place (e.g. a store) identified by a place ID.
+            "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. This field needs to pass all below criteria, otherwise an INVALID_ARGUMENT error is returned: * At most 30 attributes are allowed. * The key must be a UTF-8 encoded string with a length limit of 32 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * Only 1 value is allowed for each attribute. * For text values, the length limit is 256 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false. * The max summed total bytes of custom attribute keys and values per product is 5MiB.
+              "a_key": { # A custom attribute that is not explicitly modeled in Product.
+                "indexable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are indexed, so that they can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
+                "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  3.14,
+                ],
+                "searchable": True or False, # This field is normally ignored unless AttributesConfig.attribute_config_level of the Catalog is set to the deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information about product-level attribute configuration, see [Configuration modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). If true, custom attribute values are searchable by text queries in SearchService.Search. This field is ignored in a UserEvent. Only set if type text is set. Otherwise, a INVALID_ARGUMENT error is returned.
+                "text": [ # The textual values of this custom attribute. For example, `["yellow", "green"]` when the key is "color". Empty string is not allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.
+                  "A String",
+                ],
+              },
+            },
+            "fulfillmentTypes": [ # Input only. Supported fulfillment types. Valid fulfillment type values include commonly used types (such as pickup in store and same day delivery), and custom types. Customers have to map custom types to their display names before rendering UI. Supported values: * "pickup-in-store" * "ship-to-store" * "same-day-delivery" * "next-day-delivery" * "custom-type-1" * "custom-type-2" * "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. All the elements must be distinct. Otherwise, an INVALID_ARGUMENT error is returned.
+              "A String",
+            ],
+            "placeId": "A String", # The place ID for the current set of inventory information.
+            "priceInfo": { # The price information of a Product. # Product price and cost information. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371).
+              "cost": 3.14, # The costs associated with the sale of a particular product. Used for gross profit reporting. * Profit = price - cost Google Merchant Center property [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895).
+              "currencyCode": "A String", # The 3-letter currency code defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html). If this field is an unrecognizable currency code, an INVALID_ARGUMENT error is returned. The Product.Type.VARIANT Products with the same Product.primary_product_id must share the same currency_code. Otherwise, a FAILED_PRECONDITION error is returned.
+              "originalPrice": 3.14, # Price of the product without any discount. If zero, by default set to be the price. If set, original_price should be greater than or equal to price, otherwise an INVALID_ARGUMENT error is thrown.
+              "price": 3.14, # Price of the product. Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). Schema.org property [Offer.price](https://schema.org/price).
+              "priceEffectiveTime": "A String", # The timestamp when the price starts to be effective. This can be set as a future timestamp, and the price is only used for search after price_effective_time. If so, the original_price must be set and original_price is used before price_effective_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceExpireTime": "A String", # The timestamp when the price stops to be effective. The price is used for search before price_expire_time. If this field is set, the original_price must be set and original_price is used after price_expire_time. Do not set if price is always effective because it will cause additional latency during search.
+              "priceRange": { # The price range of all variant Product having the same Product.primary_product_id. # Output only. The price range of all the child Product.Type.VARIANT Products grouped together on the Product.Type.PRIMARY Product. Only populated for Product.Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in API requests.
+                "originalPrice": { # A floating point interval. # The inclusive Product.pricing_info.original_price internal of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+                "price": { # A floating point interval. # The inclusive Product.pricing_info.price interval of all variant Product having the same Product.primary_product_id.
+                  "exclusiveMaximum": 3.14, # Exclusive upper bound.
+                  "exclusiveMinimum": 3.14, # Exclusive lower bound.
+                  "maximum": 3.14, # Inclusive upper bound.
+                  "minimum": 3.14, # Inclusive lower bound.
+                },
+              },
+            },
+          },
+        ],
         "materials": [ # The material of the product. For example, "leather", "wooden". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).
           "A String",
         ],
diff --git a/docs/dyn/run_v1.namespaces.configurations.html b/docs/dyn/run_v1.namespaces.configurations.html
index 3807d0266fa..3861f764b55 100644
--- a/docs/dyn/run_v1.namespaces.configurations.html
+++ b/docs/dyn/run_v1.namespaces.configurations.html
@@ -94,7 +94,7 @@ 
Method Details

   
Get information about a configuration.
 
 Args:
-  name: string, The name of the configuration to retrieve. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required)
+  name: string, The name of the configuration to retrieve. For Cloud Run, replace {namespace_id} with the project ID or number. (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -103,266 +103,266 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration
+    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#configuration
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "kind": "A String", # The kind of resource, in this case always "Configuration".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Configuration, including name, namespace, labels, and annotations.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # Spec holds the desired state of the Configuration (from the client).
     "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -375,16 +375,16 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
@@ -393,17 +393,17 @@ 
Method Details

     },
   },
   "status": { # ConfigurationStatus communicates the observed state of the Configuration (from the controller). # Status communicates the observed state of the Configuration (from the controller).
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Conditions communicate information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, so for the latest ready revision, use LatestReadyRevisionName.
     "latestReadyRevisionName": "A String", # LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True".
     "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Configuration that was last processed by the controller. The observed generation is updated even if the controller failed to process the spec and create the Revision. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation, and the Ready condition's status is True or False.
   },
@@ -415,14 +415,14 @@ 
Method Details

   
List configurations.
 
 Args:
-  parent: string, The namespace from which the configurations should be listed. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required)
+  parent: string, The namespace from which the configurations should be listed. For Cloud Run, replace {namespace_id} with the project ID or number. (required)
   continue: string, Optional. Encoded string to continue paging.
-  fieldSelector: string, Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.
-  includeUninitialized: boolean, Not currently used by Cloud Run.
+  fieldSelector: string, Not supported by Cloud Run.
+  includeUninitialized: boolean, Not supported by Cloud Run.
   labelSelector: string, Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn.
-  limit: integer, Optional. The maximum number of records that should be returned.
-  resourceVersion: string, The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.
-  watch: boolean, Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.
+  limit: integer, Optional. The maximum number of the records that should be returned.
+  resourceVersion: string, Not supported by Cloud Run.
+  watch: boolean, Not supported by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -434,266 +434,266 @@ 
Method Details

     { # ListConfigurationsResponse is a list of Configuration resources.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "items": [ # List of Configurations.
-    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration
+    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#configuration
       "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
       "kind": "A String", # The kind of resource, in this case always "Configuration".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Configuration, including name, namespace, labels, and annotations.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # Spec holds the desired state of the Configuration (from the client).
         "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
           "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-            "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+            "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
               "a_key": "A String",
             },
-            "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-            "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-            "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+            "clusterName": "A String", # Not supported by Cloud Run
+            "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+            "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+            "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+            "finalizers": [ # Not supported by Cloud Run
               "A String",
             ],
-            "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-            "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-            "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+            "generateName": "A String", # Not supported by Cloud Run
+            "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+            "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
               "a_key": "A String",
             },
-            "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-            "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-            "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-              { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-                "apiVersion": "A String", # API version of the referent.
-                "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-                "controller": True or False, # If true, this reference points to the managing controller. +optional
-                "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-                "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+            "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+            "ownerReferences": [ # Not supported by Cloud Run
+              { # This is not supported or used by Cloud Run.
+                "apiVersion": "A String", # This is not supported or used by Cloud Run.
+                "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+                "controller": True or False, # This is not supported or used by Cloud Run.
+                "kind": "A String", # This is not supported or used by Cloud Run.
+                "name": "A String", # This is not supported or used by Cloud Run.
+                "uid": "A String", # This is not supported or used by Cloud Run.
               },
             ],
-            "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-            "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-            "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+            "selfLink": "A String", # URL representing this object.
+            "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
           },
           "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
-            "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-            "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-              { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "enableServiceLinks": True or False, # Not supported by Cloud Run.
+            "imagePullSecrets": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
             ],
             "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
             "volumes": [
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -706,16 +706,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -724,27 +724,27 @@ 
Method Details

         },
       },
       "status": { # ConfigurationStatus communicates the observed state of the Configuration (from the controller). # Status communicates the observed state of the Configuration (from the controller).
-        "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-          { # Condition defines a generic condition for a Resource.
+        "conditions": [ # Conditions communicate information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
-        "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+        "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, so for the latest ready revision, use LatestReadyRevisionName.
         "latestReadyRevisionName": "A String", # LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True".
         "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Configuration that was last processed by the controller. The observed generation is updated even if the controller failed to process the spec and create the Revision. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation, and the Ready condition's status is True or False.
       },
     },
   ],
   "kind": "A String", # The kind of this resource, in this case "ConfigurationList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Configuration list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this Configuration list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.namespaces.domainmappings.html b/docs/dyn/run_v1.namespaces.domainmappings.html
index 2e1009b2f2e..a5f78c116df 100644
--- a/docs/dyn/run_v1.namespaces.domainmappings.html
+++ b/docs/dyn/run_v1.namespaces.domainmappings.html
@@ -88,7 +88,7 @@ 
Instance Methods

 
Get information about a domain mapping.

 

   list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)

-
List domain mappings.

+
List all domain mappings.

 
Method Details

 

     close()
@@ -108,36 +108,36 @@ 
Method Details

   "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
   "kind": "A String", # The kind of resource, in this case "DomainMapping".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
     "certificateMode": "A String", # The mode of the certificate.
@@ -146,13 +146,13 @@ 
Method Details

   },
   "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
     "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -164,7 +164,7 @@ 
Method Details

         "type": "A String", # Resource record type. Example: `AAAA`.
       },
     ],
-    "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+    "url": "A String", # Optional. Not supported by Cloud Run.
   },
 }
 
@@ -181,36 +181,36 @@ 
Method Details

   "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
   "kind": "A String", # The kind of resource, in this case "DomainMapping".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
     "certificateMode": "A String", # The mode of the certificate.
@@ -219,13 +219,13 @@ 
Method Details

   },
   "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
     "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -237,7 +237,7 @@ 
Method Details

         "type": "A String", # Resource record type. Example: `AAAA`.
       },
     ],
-    "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+    "url": "A String", # Optional. Not supported by Cloud Run.
   },
 }

 

@@ -251,7 +251,7 @@ 
Method Details

   apiVersion: string, Cloud Run currently ignores this parameter.
   dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all`
   kind: string, Cloud Run currently ignores this parameter.
-  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
+  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -260,30 +260,30 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
@@ -305,36 +305,36 @@ 
Method Details

   "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
   "kind": "A String", # The kind of resource, in this case "DomainMapping".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
     "certificateMode": "A String", # The mode of the certificate.
@@ -343,13 +343,13 @@ 
Method Details

   },
   "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
     "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -361,14 +361,14 @@ 
Method Details

         "type": "A String", # Resource record type. Example: `AAAA`.
       },
     ],
-    "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+    "url": "A String", # Optional. Not supported by Cloud Run.
   },
 }

 

 
 

     list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)
-  
List domain mappings.
+  
List all domain mappings.
 
 Args:
   parent: string, The namespace from which the domain mappings should be listed. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
@@ -394,36 +394,36 @@ 
Method Details

       "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
       "kind": "A String", # The kind of resource, in this case "DomainMapping".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
         "certificateMode": "A String", # The mode of the certificate.
@@ -432,13 +432,13 @@ 
Method Details

       },
       "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
         "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-          { # Condition defines a generic condition for a Resource.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -450,15 +450,15 @@ 
Method Details

             "type": "A String", # Resource record type. Example: `AAAA`.
           },
         ],
-        "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+        "url": "A String", # Optional. Not supported by Cloud Run.
       },
     },
   ],
   "kind": "A String", # The kind of this resource, in this case "DomainMappingList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this DomainMapping list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this DomainMapping list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.namespaces.executions.html b/docs/dyn/run_v1.namespaces.executions.html
index b1d6a813b07..82e51daf182 100644
--- a/docs/dyn/run_v1.namespaces.executions.html
+++ b/docs/dyn/run_v1.namespaces.executions.html
@@ -110,230 +110,230 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Execution represents the configuration of a single execution. A execution an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Execution represents the configuration of a single execution. An execution is an immutable resource that references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-    "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+  "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+    "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
     "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
         "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
         "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-        "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+        "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -346,16 +346,16 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
@@ -363,26 +363,26 @@ 
Method Details

       },
     },
   },
-  "status": { # ExecutionStatus represents the current state of a Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled. +optional
-    "completionTime": "A String", # Optional. Represents time when the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-    "conditions": [ # Optional. The latest available observations of an execution's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
-      { # Condition defines a generic condition for a Resource.
+  "status": { # ExecutionStatus represents the current state of an Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled.
+    "completionTime": "A String", # Optional. Represents the time that the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
+    "conditions": [ # Optional. The latest available observations of an execution's current state.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "failedCount": 42, # Optional. The number of tasks which reached phase Failed. +optional
+    "failedCount": 42, # Optional. The number of tasks which reached phase Failed.
     "logUri": "A String", # Optional. URI where logs for this execution can be found in Cloud Console.
     "observedGeneration": 42, # Optional. The 'generation' of the execution that was last processed by the controller.
-    "retriedCount": 42, # Optional. The number of tasks which have retried at least once. +optional
-    "runningCount": 42, # Optional. The number of actively running tasks. +optional
-    "startTime": "A String", # Optional. Represents time when the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-    "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded. +optional
+    "retriedCount": 42, # Optional. The number of tasks which have retried at least once.
+    "runningCount": 42, # Optional. The number of actively running tasks.
+    "startTime": "A String", # Optional. Represents the time that the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+    "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded.
   },
 }

 

@@ -400,7 +400,7 @@ 
Method Details

   name: string, Required. The name of the execution to delete. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
   apiVersion: string, Optional. Cloud Run currently ignores this parameter.
   kind: string, Optional. Cloud Run currently ignores this parameter.
-  propagationPolicy: string, Optional. Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
+  propagationPolicy: string, Optional. Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see http://kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -409,30 +409,30 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
@@ -450,230 +450,230 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Execution represents the configuration of a single execution. A execution an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Execution represents the configuration of a single execution. An execution is an immutable resource that references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-    "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+  "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+    "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
     "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
         "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
         "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-        "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+        "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -686,16 +686,16 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
@@ -703,26 +703,26 @@ 
Method Details

       },
     },
   },
-  "status": { # ExecutionStatus represents the current state of a Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled. +optional
-    "completionTime": "A String", # Optional. Represents time when the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-    "conditions": [ # Optional. The latest available observations of an execution's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
-      { # Condition defines a generic condition for a Resource.
+  "status": { # ExecutionStatus represents the current state of an Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled.
+    "completionTime": "A String", # Optional. Represents the time that the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
+    "conditions": [ # Optional. The latest available observations of an execution's current state.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "failedCount": 42, # Optional. The number of tasks which reached phase Failed. +optional
+    "failedCount": 42, # Optional. The number of tasks which reached phase Failed.
     "logUri": "A String", # Optional. URI where logs for this execution can be found in Cloud Console.
     "observedGeneration": 42, # Optional. The 'generation' of the execution that was last processed by the controller.
-    "retriedCount": 42, # Optional. The number of tasks which have retried at least once. +optional
-    "runningCount": 42, # Optional. The number of actively running tasks. +optional
-    "startTime": "A String", # Optional. Represents time when the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-    "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded. +optional
+    "retriedCount": 42, # Optional. The number of tasks which have retried at least once.
+    "runningCount": 42, # Optional. The number of actively running tasks.
+    "startTime": "A String", # Optional. Represents the time that the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+    "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded.
   },
 }

 

@@ -734,12 +734,12 @@ 
Method Details

 Args:
   parent: string, Required. The namespace from which the executions should be listed. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
   continue: string, Optional. Optional encoded string to continue paging.
-  fieldSelector: string, Optional. Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.
-  includeUninitialized: boolean, Optional. Not currently used by Cloud Run.
+  fieldSelector: string, Optional. Not supported by Cloud Run.
+  includeUninitialized: boolean, Optional. Not supported by Cloud Run.
   labelSelector: string, Optional. Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn.
-  limit: integer, Optional. The maximum number of records that should be returned.
-  resourceVersion: string, Optional. The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.
-  watch: boolean, Optional. Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.
+  limit: integer, Optional. The maximum number of the records that should be returned.
+  resourceVersion: string, Optional. Not supported by Cloud Run.
+  watch: boolean, Optional. Not supported by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -751,230 +751,230 @@ 
Method Details

     { # ListExecutionsResponse is a list of Executions resources.
   "apiVersion": "A String", # The API version for this call such as "run.googleapis.com/v1".
   "items": [ # List of Executions.
-    { # Execution represents the configuration of a single execution. A execution an immutable resource that references a container image which is run to completion.
-      "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-      "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Execution represents the configuration of a single execution. An execution is an immutable resource that references a container image which is run to completion.
+      "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+      "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
-      "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+      "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
         "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
             "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
             "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-            "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+            "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -987,16 +987,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -1004,34 +1004,34 @@ 
Method Details

           },
         },
       },
-      "status": { # ExecutionStatus represents the current state of a Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-        "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled. +optional
-        "completionTime": "A String", # Optional. Represents time when the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-        "conditions": [ # Optional. The latest available observations of an execution's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
-          { # Condition defines a generic condition for a Resource.
+      "status": { # ExecutionStatus represents the current state of an Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+        "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled.
+        "completionTime": "A String", # Optional. Represents the time that the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
+        "conditions": [ # Optional. The latest available observations of an execution's current state.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
-        "failedCount": 42, # Optional. The number of tasks which reached phase Failed. +optional
+        "failedCount": 42, # Optional. The number of tasks which reached phase Failed.
         "logUri": "A String", # Optional. URI where logs for this execution can be found in Cloud Console.
         "observedGeneration": 42, # Optional. The 'generation' of the execution that was last processed by the controller.
-        "retriedCount": 42, # Optional. The number of tasks which have retried at least once. +optional
-        "runningCount": 42, # Optional. The number of actively running tasks. +optional
-        "startTime": "A String", # Optional. Represents time when the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-        "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded. +optional
+        "retriedCount": 42, # Optional. The number of tasks which have retried at least once.
+        "runningCount": 42, # Optional. The number of actively running tasks.
+        "startTime": "A String", # Optional. Represents the time that the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+        "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded.
       },
     },
   ],
   "kind": "A String", # The kind of this resource, in this case "ExecutionsList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this executions list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this executions list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.namespaces.jobs.html b/docs/dyn/run_v1.namespaces.jobs.html
index 351e7ca691f..d3ed96bcc5a 100644
--- a/docs/dyn/run_v1.namespaces.jobs.html
+++ b/docs/dyn/run_v1.namespaces.jobs.html
@@ -110,264 +110,264 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+{ # Job represents the configuration of a single job, which references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
     "template": { # ExecutionTemplateSpec describes the metadata and spec an Execution should have when created from a job. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Optional. Describes the execution that will be created when running a job.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Optional metadata for this Execution, including labels and annotations. The following annotation keys set properties of the created execution: * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # ExecutionSpec describes how the execution will look. # Required. ExecutionSpec holds the desired configuration for executions of this job.
-        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
         "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
             "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
             "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-            "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+            "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -380,16 +380,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -399,15 +399,15 @@ 
Method Details

       },
     },
   },
-  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
-      { # Condition defines a generic condition for a Resource.
+  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "executionCount": 42, # Number of executions created for this job.
@@ -428,264 +428,264 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Job represents the configuration of a single job, which references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
     "template": { # ExecutionTemplateSpec describes the metadata and spec an Execution should have when created from a job. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Optional. Describes the execution that will be created when running a job.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Optional metadata for this Execution, including labels and annotations. The following annotation keys set properties of the created execution: * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # ExecutionSpec describes how the execution will look. # Required. ExecutionSpec holds the desired configuration for executions of this job.
-        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
         "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
             "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
             "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-            "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+            "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -698,16 +698,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -717,15 +717,15 @@ 
Method Details

       },
     },
   },
-  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
-      { # Condition defines a generic condition for a Resource.
+  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "executionCount": 42, # Number of executions created for this job.
@@ -756,30 +756,30 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
@@ -797,264 +797,264 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Job represents the configuration of a single job, which references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
     "template": { # ExecutionTemplateSpec describes the metadata and spec an Execution should have when created from a job. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Optional. Describes the execution that will be created when running a job.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Optional metadata for this Execution, including labels and annotations. The following annotation keys set properties of the created execution: * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # ExecutionSpec describes how the execution will look. # Required. ExecutionSpec holds the desired configuration for executions of this job.
-        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
         "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
             "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
             "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-            "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+            "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -1067,16 +1067,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -1086,15 +1086,15 @@ 
Method Details

       },
     },
   },
-  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
-      { # Condition defines a generic condition for a Resource.
+  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "executionCount": 42, # Number of executions created for this job.
@@ -1115,12 +1115,12 @@ 
Method Details

 Args:
   parent: string, Required. The namespace from which the jobs should be listed. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
   continue: string, Optional. Optional encoded string to continue paging.
-  fieldSelector: string, Optional. Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.
-  includeUninitialized: boolean, Optional. Not currently used by Cloud Run.
+  fieldSelector: string, Optional. Not supported by Cloud Run.
+  includeUninitialized: boolean, Optional. Not supported by Cloud Run.
   labelSelector: string, Optional. Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn.
   limit: integer, Optional. The maximum number of records that should be returned.
-  resourceVersion: string, Optional. The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.
-  watch: boolean, Optional. Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.
+  resourceVersion: string, Optional. Not supported by Cloud Run.
+  watch: boolean, Optional. Not supported by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -1132,264 +1132,264 @@ 
Method Details

     { # ListJobsResponse is a list of Jobs resources.
   "apiVersion": "A String", # The API version for this call such as "run.googleapis.com/v1".
   "items": [ # List of Jobs.
-    { # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.
-      "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-      "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Job represents the configuration of a single job, which references a container image which is run to completion.
+      "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+      "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
-      "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+      "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
         "template": { # ExecutionTemplateSpec describes the metadata and spec an Execution should have when created from a job. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Optional. Describes the execution that will be created when running a job.
           "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Optional metadata for this Execution, including labels and annotations. The following annotation keys set properties of the created execution: * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-            "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+            "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
               "a_key": "A String",
             },
-            "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-            "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-            "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+            "clusterName": "A String", # Not supported by Cloud Run
+            "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+            "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+            "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+            "finalizers": [ # Not supported by Cloud Run
               "A String",
             ],
-            "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-            "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-            "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+            "generateName": "A String", # Not supported by Cloud Run
+            "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+            "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
               "a_key": "A String",
             },
-            "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-            "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-            "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-              { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-                "apiVersion": "A String", # API version of the referent.
-                "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-                "controller": True or False, # If true, this reference points to the managing controller. +optional
-                "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-                "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+            "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+            "ownerReferences": [ # Not supported by Cloud Run
+              { # This is not supported or used by Cloud Run.
+                "apiVersion": "A String", # This is not supported or used by Cloud Run.
+                "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+                "controller": True or False, # This is not supported or used by Cloud Run.
+                "kind": "A String", # This is not supported or used by Cloud Run.
+                "name": "A String", # This is not supported or used by Cloud Run.
+                "uid": "A String", # This is not supported or used by Cloud Run.
               },
             ],
-            "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-            "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-            "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+            "selfLink": "A String", # URL representing this object.
+            "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
           },
           "spec": { # ExecutionSpec describes how the execution will look. # Required. ExecutionSpec holds the desired configuration for executions of this job.
-            "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-            "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+            "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+            "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
             "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-              "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+              "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
                 "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
                   { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                    "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                    "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                       "A String",
                     ],
-                    "command": [
+                    "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                       "A String",
                     ],
-                    "env": [ # (Optional) List of environment variables to set in the container.
+                    "env": [ # List of environment variables to set in the container.
                       { # EnvVar represents an environment variable present in a Container.
-                        "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                        "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                        "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                          "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                            "key": "A String", # The key to select.
-                            "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                              "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                        "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                        "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                        "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                          "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                            "key": "A String", # Required. The key to select.
+                            "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                              "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                             },
-                            "name": "A String", # The ConfigMap to select from.
-                            "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                            "name": "A String", # Required. The ConfigMap to select from.
+                            "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                           },
-                          "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                            "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                            "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                              "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                          "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                            "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                            "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                              "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                             },
                             "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                            "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                            "optional": True or False, # Specify whether the Secret or its key must be defined.
                           },
                         },
                       },
                     ],
-                    "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                      { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                        "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                          "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "envFrom": [ # Not supported by Cloud Run.
+                      { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                        "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                          "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                           },
                           "name": "A String", # The ConfigMap to select from.
-                          "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                          "optional": True or False, # Specify whether the ConfigMap must be defined.
                         },
-                        "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                        "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                          "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                        "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                        "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                          "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                           },
                           "name": "A String", # The Secret to select from.
-                          "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                          "optional": True or False, # Specify whether the Secret must be defined
                         },
                       },
                     ],
-                    "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                    "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                    "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                      "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                        "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                    "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                    "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                    "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                        "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                           "A String",
                         ],
                       },
-                      "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                      "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                      "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                      "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                         "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                         "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                       },
-                      "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                        "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                        "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                      "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                        "host": "A String", # Not supported by Cloud Run.
+                        "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                           { # HTTPHeader describes a custom header to be used in HTTP probes
                             "name": "A String", # The header field name
                             "value": "A String", # The header field value
                           },
                         ],
-                        "path": "A String", # (Optional) Path to access on the HTTP server.
-                        "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                        "path": "A String", # Path to access on the HTTP server.
+                        "scheme": "A String", # Not supported by Cloud Run.
                       },
-                      "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                      "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                      "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                      "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                        "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                        "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                      "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                      "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                      "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                        "host": "A String", # Not supported by Cloud Run.
+                        "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                       },
-                      "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                     },
-                    "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                    "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                    "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                    "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                       { # ContainerPort represents a network port in a single container.
-                        "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                        "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                        "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                        "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                        "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                        "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                       },
                     ],
-                    "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                      "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                        "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                    "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                      "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                        "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                           "A String",
                         ],
                       },
-                      "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                      "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                      "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                      "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                         "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                         "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                       },
-                      "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                        "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                        "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                      "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                        "host": "A String", # Not supported by Cloud Run.
+                        "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                           { # HTTPHeader describes a custom header to be used in HTTP probes
                             "name": "A String", # The header field name
                             "value": "A String", # The header field value
                           },
                         ],
-                        "path": "A String", # (Optional) Path to access on the HTTP server.
-                        "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                        "path": "A String", # Path to access on the HTTP server.
+                        "scheme": "A String", # Not supported by Cloud Run.
                       },
-                      "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                      "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                      "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                      "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                        "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                        "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                      "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                      "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                      "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                        "host": "A String", # Not supported by Cloud Run.
+                        "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                       },
-                      "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                     },
-                    "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                      "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                    "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                      "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                         "a_key": "A String",
                       },
-                      "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                      "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                         "a_key": "A String",
                       },
                     },
-                    "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                      "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                    "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                      "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                     },
-                    "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                      "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                        "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                    "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                        "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                           "A String",
                         ],
                       },
-                      "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                      "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                      "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                      "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                         "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                         "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                       },
-                      "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                        "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                        "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                      "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                        "host": "A String", # Not supported by Cloud Run.
+                        "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                           { # HTTPHeader describes a custom header to be used in HTTP probes
                             "name": "A String", # The header field name
                             "value": "A String", # The header field value
                           },
                         ],
-                        "path": "A String", # (Optional) Path to access on the HTTP server.
-                        "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                        "path": "A String", # Path to access on the HTTP server.
+                        "scheme": "A String", # Not supported by Cloud Run.
                       },
-                      "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                      "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                      "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                      "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                        "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                        "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                      "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                      "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                      "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                        "host": "A String", # Not supported by Cloud Run.
+                        "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                       },
-                      "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                      "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                     },
-                    "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                    "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                    "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                    "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                    "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                    "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                       { # VolumeMount describes a mounting of a Volume within a container.
-                        "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                        "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                        "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                        "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                        "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                        "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                        "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                        "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                       },
                     ],
-                    "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                    "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
                   },
                 ],
                 "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-                "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-                "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-                "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+                "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+                "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+                "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
                   { # Volume represents a named volume in a container.
-                    "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                    "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                       "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                         { # Maps a string key to a path within a volume.
@@ -1402,16 +1402,16 @@ 
Method Details

                       "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                     },
                     "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                    "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                    "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                       "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                      "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                      "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                         { # Maps a string key to a path within a volume.
                           "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                           "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                           "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                         },
                       ],
-                      "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                      "optional": True or False, # Not supported by Cloud Run.
                       "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                     },
                   },
@@ -1421,15 +1421,15 @@ 
Method Details

           },
         },
       },
-      "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-        "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
-          { # Condition defines a generic condition for a Resource.
+      "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+        "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "executionCount": 42, # Number of executions created for this job.
@@ -1443,10 +1443,10 @@ 
Method Details

     },
   ],
   "kind": "A String", # The kind of this resource, in this case "JobsList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this jobs list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this jobs list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
@@ -1459,268 +1459,268 @@ 
Method Details

   
Replace a job. Only the spec and metadata labels and annotations are modifiable. After the Replace request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.
 
 Args:
-  name: string, Required. The name of the service being replaced. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  name: string, Required. The name of the job being replaced. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+{ # Job represents the configuration of a single job, which references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
     "template": { # ExecutionTemplateSpec describes the metadata and spec an Execution should have when created from a job. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Optional. Describes the execution that will be created when running a job.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Optional metadata for this Execution, including labels and annotations. The following annotation keys set properties of the created execution: * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # ExecutionSpec describes how the execution will look. # Required. ExecutionSpec holds the desired configuration for executions of this job.
-        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
         "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
             "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
             "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-            "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+            "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -1733,16 +1733,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -1752,15 +1752,15 @@ 
Method Details

       },
     },
   },
-  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
-      { # Condition defines a generic condition for a Resource.
+  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "executionCount": 42, # Number of executions created for this job.
@@ -1781,264 +1781,264 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Job represents the configuration of a single job, which references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+  "spec": { # JobSpec describes how the job will look. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
     "template": { # ExecutionTemplateSpec describes the metadata and spec an Execution should have when created from a job. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Optional. Describes the execution that will be created when running a job.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Optional metadata for this Execution, including labels and annotations. The following annotation keys set properties of the created execution: * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # ExecutionSpec describes how the execution will look. # Required. ExecutionSpec holds the desired configuration for executions of this job.
-        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+        "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+        "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
         "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+          "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
             "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
             "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-            "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+            "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+            "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+            "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -2051,16 +2051,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -2070,15 +2070,15 @@ 
Method Details

       },
     },
   },
-  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
-      { # Condition defines a generic condition for a Resource.
+  "status": { # JobStatus represents the current state of a Job. # Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "conditions": [ # The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "executionCount": 42, # Number of executions created for this job.
@@ -2112,230 +2112,230 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Execution represents the configuration of a single execution. A execution an immutable resource that references a container image which is run to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    { # Execution represents the configuration of a single execution. An execution is an immutable resource that references a container image which is run to completion.
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional
-    "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
+  "spec": { # ExecutionSpec describes how the execution will look. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "parallelism": 42, # Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.
+    "taskCount": 42, # Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.
     "template": { # TaskTemplateSpec describes the data a task should have when created from a template. # Optional. Describes the task(s) that will be created when executing an execution.
-      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
         "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
         "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-        "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+        "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -2348,16 +2348,16 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
@@ -2365,26 +2365,26 @@ 
Method Details

       },
     },
   },
-  "status": { # ExecutionStatus represents the current state of a Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled. +optional
-    "completionTime": "A String", # Optional. Represents time when the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-    "conditions": [ # Optional. The latest available observations of an execution's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
-      { # Condition defines a generic condition for a Resource.
+  "status": { # ExecutionStatus represents the current state of an Execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "cancelledCount": 42, # Optional. The number of tasks which reached phase Cancelled.
+    "completionTime": "A String", # Optional. Represents the time that the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
+    "conditions": [ # Optional. The latest available observations of an execution's current state.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "failedCount": 42, # Optional. The number of tasks which reached phase Failed. +optional
+    "failedCount": 42, # Optional. The number of tasks which reached phase Failed.
     "logUri": "A String", # Optional. URI where logs for this execution can be found in Cloud Console.
     "observedGeneration": 42, # Optional. The 'generation' of the execution that was last processed by the controller.
-    "retriedCount": 42, # Optional. The number of tasks which have retried at least once. +optional
-    "runningCount": 42, # Optional. The number of actively running tasks. +optional
-    "startTime": "A String", # Optional. Represents time when the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-    "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded. +optional
+    "retriedCount": 42, # Optional. The number of tasks which have retried at least once.
+    "runningCount": 42, # Optional. The number of actively running tasks.
+    "startTime": "A String", # Optional. Represents the time that the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+    "succeededCount": 42, # Optional. The number of tasks which reached phase Succeeded.
   },
 }

 

diff --git a/docs/dyn/run_v1.namespaces.revisions.html b/docs/dyn/run_v1.namespaces.revisions.html
index 3e67ea06b0b..15487f83eb6 100644
--- a/docs/dyn/run_v1.namespaces.revisions.html
+++ b/docs/dyn/run_v1.namespaces.revisions.html
@@ -101,7 +101,7 @@ 
Method Details

   apiVersion: string, Cloud Run currently ignores this parameter.
   dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all`
   kind: string, Cloud Run currently ignores this parameter.
-  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
+  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see https://kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -110,30 +110,30 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
@@ -151,232 +151,232 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision
+    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#revision
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "kind": "A String", # The kind of this resource, in this case "Revision".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Revision, including name, namespace, labels, and annotations.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # Spec holds the desired state of the Revision (from the client).
-    "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-    "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+    "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+    "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
       { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-        "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+        "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
           "A String",
         ],
-        "command": [
+        "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
           "A String",
         ],
-        "env": [ # (Optional) List of environment variables to set in the container.
+        "env": [ # List of environment variables to set in the container.
           { # EnvVar represents an environment variable present in a Container.
-            "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-            "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-            "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-              "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                "key": "A String", # The key to select.
-                "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                  "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+            "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+            "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+              "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                "key": "A String", # Required. The key to select.
+                "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                  "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                 },
-                "name": "A String", # The ConfigMap to select from.
-                "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                "name": "A String", # Required. The ConfigMap to select from.
+                "optional": True or False, # Specify whether the ConfigMap or its key must be defined
               },
-              "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                  "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+              "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                  "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                 },
                 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                "optional": True or False, # Specify whether the Secret or its key must be defined.
               },
             },
           },
         ],
-        "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-          { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-            "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-              "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "envFrom": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+            "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+              "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
               "name": "A String", # The ConfigMap to select from.
-              "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+              "optional": True or False, # Specify whether the ConfigMap must be defined.
             },
-            "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-            "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-              "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+            "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+              "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
               "name": "A String", # The Secret to select from.
-              "optional": True or False, # (Optional) Specify whether the Secret must be defined
+              "optional": True or False, # Specify whether the Secret must be defined
             },
           },
         ],
-        "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-        "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-        "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+        "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+        "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-        "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+        "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+        "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
           { # ContainerPort represents a network port in a single container.
-            "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-            "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-            "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+            "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+            "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+            "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
           },
         ],
-        "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-          "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+        "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+          "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
             "a_key": "A String",
           },
-          "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+          "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
             "a_key": "A String",
           },
         },
-        "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-          "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+        "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+          "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
         },
-        "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-        "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-        "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+        "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+        "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+        "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
           { # VolumeMount describes a mounting of a Volume within a container.
-            "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-            "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-            "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-            "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+            "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+            "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+            "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+            "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
           },
         ],
-        "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+        "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
       },
     ],
-    "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-    "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-      { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+    "enableServiceLinks": True or False, # Not supported by Cloud Run.
+    "imagePullSecrets": [ # Not supported by Cloud Run.
+      { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
       },
     ],
     "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-    "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+    "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
     "volumes": [
       { # Volume represents a named volume in a container.
-        "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+        "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
           "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
           "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
             { # Maps a string key to a path within a volume.
@@ -389,16 +389,16 @@ 
Method Details

           "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
         },
         "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-        "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+        "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
           "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-          "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+          "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
             { # Maps a string key to a path within a volume.
               "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
               "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
             },
           ],
-          "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+          "optional": True or False, # Not supported by Cloud Run.
           "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
         },
       },
@@ -406,13 +406,13 @@ 
Method Details

   },
   "status": { # RevisionStatus communicates the observed state of the Revision (from the controller). # Status communicates the observed state of the Revision (from the controller).
     "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. As a Revision is being prepared, it will incrementally update conditions. Revision-specific conditions include: * "ResourcesAvailable": True when underlying resources have been provisioned. * "ContainerHealthy": True when the Revision readiness check completes. * "Active": True when the Revision may receive traffic.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "imageDigest": "A String", # ImageDigest holds the resolved digest for the image specified within .Spec.Container.Image. The digest is resolved during the creation of Revision. This field holds the digest value regardless of whether a tag or digest was originally specified in the Container object.
@@ -447,232 +447,232 @@ 
Method Details

     { # ListRevisionsResponse is a list of Revision resources.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "items": [ # List of Revisions.
-    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision
+    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#revision
       "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
       "kind": "A String", # The kind of this resource, in this case "Revision".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Revision, including name, namespace, labels, and annotations.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # Spec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -685,16 +685,16 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
@@ -702,13 +702,13 @@ 
Method Details

       },
       "status": { # RevisionStatus communicates the observed state of the Revision (from the controller). # Status communicates the observed state of the Revision (from the controller).
         "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. As a Revision is being prepared, it will incrementally update conditions. Revision-specific conditions include: * "ResourcesAvailable": True when underlying resources have been provisioned. * "ContainerHealthy": True when the Revision readiness check completes. * "Active": True when the Revision may receive traffic.
-          { # Condition defines a generic condition for a Resource.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "imageDigest": "A String", # ImageDigest holds the resolved digest for the image specified within .Spec.Container.Image. The digest is resolved during the creation of Revision. This field holds the digest value regardless of whether a tag or digest was originally specified in the Container object.
@@ -719,10 +719,10 @@ 
Method Details

     },
   ],
   "kind": "A String", # The kind of this resource, in this case "RevisionList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this revision list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this revision list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.namespaces.routes.html b/docs/dyn/run_v1.namespaces.routes.html
index 7a5bed5c5c2..4770f86461a 100644
--- a/docs/dyn/run_v1.namespaces.routes.html
+++ b/docs/dyn/run_v1.namespaces.routes.html
@@ -103,45 +103,45 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
+    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "kind": "A String", # The kind of this resource, in this case always "Route".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Route, including name, namespace, labels, and annotations.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # RouteSpec holds the desired state of the Route (from the client). # Spec holds the desired state of the Route (from the client).
     "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. Cloud Run currently supports a single configurationName.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -155,19 +155,19 @@ 
Method Details

       "url": "A String",
     },
     "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. Note that providing a trafficTarget that only has a configurationName will result in a Route that does not increment either its metadata.generation or its observedGeneration, as new "latest ready" revisions from the Configuration are processed without an update to the Route's spec.
-    "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that was last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -204,45 +204,45 @@ 
Method Details

     { # ListRoutesResponse is a list of Route resources.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "items": [ # List of Routes.
-    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
+    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
       "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
       "kind": "A String", # The kind of this resource, in this case always "Route".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Route, including name, namespace, labels, and annotations.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RouteSpec holds the desired state of the Route (from the client). # Spec holds the desired state of the Route (from the client).
         "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. Cloud Run currently supports a single configurationName.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -256,19 +256,19 @@ 
Method Details

           "url": "A String",
         },
         "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-          { # Condition defines a generic condition for a Resource.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. Note that providing a trafficTarget that only has a configurationName will result in a Route that does not increment either its metadata.generation or its observedGeneration, as new "latest ready" revisions from the Configuration are processed without an update to the Route's spec.
-        "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+        "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that was last observed.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -281,10 +281,10 @@ 
Method Details

     },
   ],
   "kind": "A String", # The kind of this resource, in this case always "RouteList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Route list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this Route list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.namespaces.services.html b/docs/dyn/run_v1.namespaces.services.html
index 15cbedf736b..a97fd3d5b19 100644
--- a/docs/dyn/run_v1.namespaces.services.html
+++ b/docs/dyn/run_v1.namespaces.services.html
@@ -79,19 +79,19 @@ 
Instance Methods

 
Close httplib2 connections.

 

   create(parent, body=None, dryRun=None, x__xgafv=None)

-
Create a service.

+
Creates a new Service. Service creation will trigger a new deployment. Use GetService, and check service.status to determine if the Service is ready.

 

   delete(name, apiVersion=None, dryRun=None, kind=None, propagationPolicy=None, x__xgafv=None)

-
Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.

+
Deletes the provided service. This will cause the Service to stop serving traffic and will delete all associated Revisions.

 

   get(name, x__xgafv=None)

-
Get information about a service.

+
Gets information about a service.

 

   list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)

-
List services.

+
Lists services for the given project and region.

 

   replaceService(name, body=None, dryRun=None, x__xgafv=None)

-
Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.

+
Replaces a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.

 
Method Details

 

     close()
@@ -100,273 +100,273 @@ 
Method Details

 
 

     create(parent, body=None, dryRun=None, x__xgafv=None)
-  
Create a service.
+  
Creates a new Service. Service creation will trigger a new deployment. Use GetService, and check service.status to determine if the Service is ready.
 
 Args:
-  parent: string, The namespace in which the service should be created. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  parent: string, The resource's parent. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}` (required)
   body: object, The request body.
     The object takes the form of:
 
 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -379,25 +379,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -406,26 +406,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -433,7 +433,7 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }
 
@@ -447,265 +447,265 @@ 
Method Details

   An object of the form:
 
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -718,25 +718,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -745,26 +745,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -772,21 +772,21 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }

 

 
 

     delete(name, apiVersion=None, dryRun=None, kind=None, propagationPolicy=None, x__xgafv=None)
-  
Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.
+  
Deletes the provided service. This will cause the Service to stop serving traffic and will delete all associated Revisions.
 
 Args:
-  name: string, The name of the service to delete. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
-  apiVersion: string, Cloud Run currently ignores this parameter.
+  name: string, The fully qualified name of the service to delete. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}` (required)
+  apiVersion: string, Not supported, and ignored by Cloud Run.
   dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all`
-  kind: string, Cloud Run currently ignores this parameter.
-  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
+  kind: string, Not supported, and ignored by Cloud Run.
+  propagationPolicy: string, Not supported, and ignored by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -795,39 +795,39 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
 

     get(name, x__xgafv=None)
-  
Get information about a service.
+  
Gets information about a service.
 
 Args:
-  name: string, The name of the service to retrieve. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  name: string, The fully qualified name of the service to retrieve. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -837,265 +837,265 @@ 
Method Details

   An object of the form:
 
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -1108,25 +1108,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1135,26 +1135,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1162,24 +1162,24 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }

 

 
 

     list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)
-  
List services.
+  
Lists services for the given project and region.
 
 Args:
-  parent: string, The namespace from which the services should be listed. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  parent: string, The parent from where the resources should be listed. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}` (required)
   continue: string, Optional. Encoded string to continue paging.
-  fieldSelector: string, Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.
-  includeUninitialized: boolean, Not currently used by Cloud Run.
+  fieldSelector: string, Not supported, and ignored by Cloud Run.
+  includeUninitialized: boolean, Not supported, and ignored by Cloud Run.
   labelSelector: string, Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn.
   limit: integer, Optional. The maximum number of records that should be returned.
-  resourceVersion: string, The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.
-  watch: boolean, Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.
+  resourceVersion: string, Not supported, and ignored by Cloud Run.
+  watch: boolean, Not supported, and ignored by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -1189,268 +1189,268 @@ 
Method Details

   An object of the form:
 
     { # A list of Service resources.
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
+  "apiVersion": "A String", # The API version for this call; returns "serving.knative.dev/v1".
   "items": [ # List of Services.
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-      "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-      "kind": "A String", # The kind of resource, in this case "Service".
-      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+      "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+      "kind": "A String", # The kind of resource. It must be "Service".
+      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
-      "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-        "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+      "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+        "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
           "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-            "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+            "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
               "a_key": "A String",
             },
-            "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-            "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-            "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+            "clusterName": "A String", # Not supported by Cloud Run
+            "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+            "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+            "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+            "finalizers": [ # Not supported by Cloud Run
               "A String",
             ],
-            "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-            "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-            "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+            "generateName": "A String", # Not supported by Cloud Run
+            "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+            "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
               "a_key": "A String",
             },
-            "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-            "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-            "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-              { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-                "apiVersion": "A String", # API version of the referent.
-                "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-                "controller": True or False, # If true, this reference points to the managing controller. +optional
-                "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-                "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+            "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+            "ownerReferences": [ # Not supported by Cloud Run
+              { # This is not supported or used by Cloud Run.
+                "apiVersion": "A String", # This is not supported or used by Cloud Run.
+                "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+                "controller": True or False, # This is not supported or used by Cloud Run.
+                "kind": "A String", # This is not supported or used by Cloud Run.
+                "name": "A String", # This is not supported or used by Cloud Run.
+                "uid": "A String", # This is not supported or used by Cloud Run.
               },
             ],
-            "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-            "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-            "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+            "selfLink": "A String", # URL representing this object.
+            "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
           },
           "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
-            "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-            "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-              { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "enableServiceLinks": True or False, # Not supported by Cloud Run.
+            "imagePullSecrets": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
             ],
             "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
             "volumes": [
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -1463,25 +1463,25 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
             ],
           },
         },
-        "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+        "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1490,26 +1490,26 @@ 
Method Details

           },
         ],
       },
-      "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-        "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+      "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+        "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
           "url": "A String",
         },
-        "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-          { # Condition defines a generic condition for a Resource.
+        "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
-        "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-        "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-        "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-        "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+        "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+        "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+        "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+        "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1517,17 +1517,17 @@ 
Method Details

             "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
           },
         ],
-        "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+        "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
       },
     },
   ],
-  "kind": "A String", # The kind of this resource, in this case "ServiceList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Service list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "kind": "A String", # The kind of this resource; returns "ServiceList".
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this Service list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "unreachable": [ # Locations that could not be reached.
+  "unreachable": [ # For calls against the global endpoint, returns the list of Cloud locations that could not be reached. For regional calls, this field is not used.
     "A String",
   ],
 }

@@ -1535,273 +1535,273 @@ 
Method Details

 
 

     replaceService(name, body=None, dryRun=None, x__xgafv=None)
-  
Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.
+  
Replaces a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.
 
 Args:
-  name: string, The name of the service being replaced. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  name: string, The fully qualified name of the service to replace. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}` (required)
   body: object, The request body.
     The object takes the form of:
 
 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -1814,25 +1814,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1841,26 +1841,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1868,7 +1868,7 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }
 
@@ -1882,265 +1882,265 @@ 
Method Details

   An object of the form:
 
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -2153,25 +2153,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -2180,26 +2180,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -2207,7 +2207,7 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }

 

diff --git a/docs/dyn/run_v1.namespaces.tasks.html b/docs/dyn/run_v1.namespaces.tasks.html
index f51e340d1b4..1be87f2adab 100644
--- a/docs/dyn/run_v1.namespaces.tasks.html
+++ b/docs/dyn/run_v1.namespaces.tasks.html
@@ -104,225 +104,225 @@ 
Method Details

   An object of the form:
 
     { # Task represents a single run of a container to completion.
-  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+  "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+  "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of a task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
     "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
       { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-        "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+        "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
           "A String",
         ],
-        "command": [
+        "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
           "A String",
         ],
-        "env": [ # (Optional) List of environment variables to set in the container.
+        "env": [ # List of environment variables to set in the container.
           { # EnvVar represents an environment variable present in a Container.
-            "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-            "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-            "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-              "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                "key": "A String", # The key to select.
-                "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                  "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+            "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+            "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+              "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                "key": "A String", # Required. The key to select.
+                "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                  "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                 },
-                "name": "A String", # The ConfigMap to select from.
-                "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                "name": "A String", # Required. The ConfigMap to select from.
+                "optional": True or False, # Specify whether the ConfigMap or its key must be defined
               },
-              "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                  "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+              "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                  "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                 },
                 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                "optional": True or False, # Specify whether the Secret or its key must be defined.
               },
             },
           },
         ],
-        "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-          { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-            "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-              "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "envFrom": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+            "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+              "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
               "name": "A String", # The ConfigMap to select from.
-              "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+              "optional": True or False, # Specify whether the ConfigMap must be defined.
             },
-            "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-            "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-              "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+            "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+              "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
               "name": "A String", # The Secret to select from.
-              "optional": True or False, # (Optional) Specify whether the Secret must be defined
+              "optional": True or False, # Specify whether the Secret must be defined
             },
           },
         ],
-        "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-        "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-        "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+        "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+        "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-        "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+        "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+        "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
           { # ContainerPort represents a network port in a single container.
-            "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-            "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-            "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+            "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+            "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+            "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
           },
         ],
-        "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-          "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+        "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+          "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
             "a_key": "A String",
           },
-          "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+          "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
             "a_key": "A String",
           },
         },
-        "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-          "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+        "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+          "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
         },
-        "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-        "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-        "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+        "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+        "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+        "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
           { # VolumeMount describes a mounting of a Volume within a container.
-            "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-            "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-            "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-            "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+            "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+            "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+            "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+            "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
           },
         ],
-        "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+        "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
       },
     ],
     "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-    "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-    "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-    "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+    "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+    "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+    "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
       { # Volume represents a named volume in a container.
-        "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+        "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
           "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
           "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
             { # Maps a string key to a path within a volume.
@@ -335,35 +335,35 @@ 
Method Details

           "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
         },
         "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-        "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+        "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
           "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-          "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+          "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
             { # Maps a string key to a path within a volume.
               "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
               "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
             },
           ],
-          "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+          "optional": True or False, # Not supported by Cloud Run.
           "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
         },
       },
     ],
   },
-  "status": { # TaskStatus represents the status of a task of a job execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-    "completionTime": "A String", # Optional. Represents time when the task was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-    "conditions": [ # Optional. The latest available observations of a task's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
-      { # Condition defines a generic condition for a Resource.
+  "status": { # TaskStatus represents the status of a task. # Output only. Current status of a task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+    "completionTime": "A String", # Optional. Represents time when the task was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+    "conditions": [ # Optional. The latest available observations of a task's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "index": 42, # Required. Index of the task, unique per execution, and beginning at 0.
-    "lastAttemptResult": { # Result of a task attempt. # Optional. Result of the last attempt of this task. +optional
+    "lastAttemptResult": { # Result of a task attempt. # Optional. Result of the last attempt of this task.
       "exitCode": 42, # Optional. The exit code of this attempt. This may be unset if the container was unable to exit cleanly with a code due to some other failure. See status field for possible failure details.
       "status": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Optional. The status of this attempt. If the status code is OK, then the attempt succeeded.
         "code": 42, # The status code, which should be an enum value of google.rpc.Code.
@@ -376,9 +376,9 @@ 
Method Details

       },
     },
     "logUri": "A String", # Optional. URI where logs for this task can be found in Cloud Console.
-    "observedGeneration": 42, # Optional. The 'generation' of the execution that was last processed by the controller.
-    "retried": 42, # Optional. The number of times this task was retried. Instances are retried when they fail up to the maxRetries limit. +optional
-    "startTime": "A String", # Optional. Represents time when the task started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
+    "observedGeneration": 42, # Optional. The 'generation' of the task that was last processed by the controller.
+    "retried": 42, # Optional. The number of times this task was retried. Instances are retried when they fail up to the maxRetries limit.
+    "startTime": "A String", # Optional. Represents time when the task started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
   },
 }

 

@@ -390,12 +390,12 @@ 
Method Details

 Args:
   parent: string, Required. The namespace from which the tasks should be listed. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
   continue: string, Optional. Optional encoded string to continue paging.
-  fieldSelector: string, Optional. Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.
-  includeUninitialized: boolean, Optional. Not currently used by Cloud Run.
+  fieldSelector: string, Optional. Not supported by Cloud Run.
+  includeUninitialized: boolean, Optional. Not supported by Cloud Run.
   labelSelector: string, Optional. Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn.
   limit: integer, Optional. The maximum number of records that should be returned.
-  resourceVersion: string, Optional. The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.
-  watch: boolean, Optional. Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.
+  resourceVersion: string, Optional. Not supported by Cloud Run.
+  watch: boolean, Optional. Not supported by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -408,225 +408,225 @@ 
Method Details

   "apiVersion": "A String", # The API version for this call such as "run.googleapis.com/v1".
   "items": [ # List of Tasks.
     { # Task represents a single run of a container to completion.
-      "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional
-      "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+      "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+      "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
-      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
+      "spec": { # TaskSpec is a description of a task. # Optional. Specification of the desired behavior of a task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
         "containers": [ # Optional. List of containers belonging to the task. We disallow a number of fields on this Container. Only a single container may be provided.
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
         "maxRetries": 42, # Optional. Number of retries allowed per task, before marking this job failed.
-        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional
-        "timeoutSeconds": "A String", # Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional
-        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional
+        "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
+        "timeoutSeconds": "A String", # Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
+        "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -639,35 +639,35 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
-      "status": { # TaskStatus represents the status of a task of a job execution. # Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional
-        "completionTime": "A String", # Optional. Represents time when the task was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
-        "conditions": [ # Optional. The latest available observations of a task's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional
-          { # Condition defines a generic condition for a Resource.
+      "status": { # TaskStatus represents the status of a task. # Output only. Current status of a task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+        "completionTime": "A String", # Optional. Represents time when the task was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
+        "conditions": [ # Optional. The latest available observations of a task's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "index": 42, # Required. Index of the task, unique per execution, and beginning at 0.
-        "lastAttemptResult": { # Result of a task attempt. # Optional. Result of the last attempt of this task. +optional
+        "lastAttemptResult": { # Result of a task attempt. # Optional. Result of the last attempt of this task.
           "exitCode": 42, # Optional. The exit code of this attempt. This may be unset if the container was unable to exit cleanly with a code due to some other failure. See status field for possible failure details.
           "status": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Optional. The status of this attempt. If the status code is OK, then the attempt succeeded.
             "code": 42, # The status code, which should be an enum value of google.rpc.Code.
@@ -680,17 +680,17 @@ 
Method Details

           },
         },
         "logUri": "A String", # Optional. URI where logs for this task can be found in Cloud Console.
-        "observedGeneration": 42, # Optional. The 'generation' of the execution that was last processed by the controller.
-        "retried": 42, # Optional. The number of times this task was retried. Instances are retried when they fail up to the maxRetries limit. +optional
-        "startTime": "A String", # Optional. Represents time when the task started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional
+        "observedGeneration": 42, # Optional. The 'generation' of the task that was last processed by the controller.
+        "retried": 42, # Optional. The number of times this task was retried. Instances are retried when they fail up to the maxRetries limit.
+        "startTime": "A String", # Optional. Represents time when the task started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.
       },
     },
   ],
   "kind": "A String", # The kind of this resource, in this case "TasksList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this tasks list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this tasks list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.projects.locations.configurations.html b/docs/dyn/run_v1.projects.locations.configurations.html
index 321ec97207b..d97fa8fe4ea 100644
--- a/docs/dyn/run_v1.projects.locations.configurations.html
+++ b/docs/dyn/run_v1.projects.locations.configurations.html
@@ -94,7 +94,7 @@ 
Method Details

   
Get information about a configuration.
 
 Args:
-  name: string, The name of the configuration to retrieve. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required)
+  name: string, The name of the configuration to retrieve. For Cloud Run, replace {namespace_id} with the project ID or number. (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -103,266 +103,266 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration
+    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#configuration
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "kind": "A String", # The kind of resource, in this case always "Configuration".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Configuration, including name, namespace, labels, and annotations.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # Spec holds the desired state of the Configuration (from the client).
     "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -375,16 +375,16 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
@@ -393,17 +393,17 @@ 
Method Details

     },
   },
   "status": { # ConfigurationStatus communicates the observed state of the Configuration (from the controller). # Status communicates the observed state of the Configuration (from the controller).
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Conditions communicate information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, so for the latest ready revision, use LatestReadyRevisionName.
     "latestReadyRevisionName": "A String", # LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True".
     "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Configuration that was last processed by the controller. The observed generation is updated even if the controller failed to process the spec and create the Revision. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation, and the Ready condition's status is True or False.
   },
@@ -415,14 +415,14 @@ 
Method Details

   
List configurations.
 
 Args:
-  parent: string, The namespace from which the configurations should be listed. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required)
+  parent: string, The namespace from which the configurations should be listed. For Cloud Run, replace {namespace_id} with the project ID or number. (required)
   continue: string, Optional. Encoded string to continue paging.
-  fieldSelector: string, Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.
-  includeUninitialized: boolean, Not currently used by Cloud Run.
+  fieldSelector: string, Not supported by Cloud Run.
+  includeUninitialized: boolean, Not supported by Cloud Run.
   labelSelector: string, Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn.
-  limit: integer, Optional. The maximum number of records that should be returned.
-  resourceVersion: string, The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.
-  watch: boolean, Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.
+  limit: integer, Optional. The maximum number of the records that should be returned.
+  resourceVersion: string, Not supported by Cloud Run.
+  watch: boolean, Not supported by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -434,266 +434,266 @@ 
Method Details

     { # ListConfigurationsResponse is a list of Configuration resources.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "items": [ # List of Configurations.
-    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration
+    { # Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#configuration
       "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
       "kind": "A String", # The kind of resource, in this case always "Configuration".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Configuration, including name, namespace, labels, and annotations.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # Spec holds the desired state of the Configuration (from the client).
         "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
           "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-            "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+            "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
               "a_key": "A String",
             },
-            "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-            "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-            "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+            "clusterName": "A String", # Not supported by Cloud Run
+            "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+            "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+            "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+            "finalizers": [ # Not supported by Cloud Run
               "A String",
             ],
-            "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-            "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-            "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+            "generateName": "A String", # Not supported by Cloud Run
+            "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+            "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
               "a_key": "A String",
             },
-            "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-            "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-            "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-              { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-                "apiVersion": "A String", # API version of the referent.
-                "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-                "controller": True or False, # If true, this reference points to the managing controller. +optional
-                "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-                "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+            "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+            "ownerReferences": [ # Not supported by Cloud Run
+              { # This is not supported or used by Cloud Run.
+                "apiVersion": "A String", # This is not supported or used by Cloud Run.
+                "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+                "controller": True or False, # This is not supported or used by Cloud Run.
+                "kind": "A String", # This is not supported or used by Cloud Run.
+                "name": "A String", # This is not supported or used by Cloud Run.
+                "uid": "A String", # This is not supported or used by Cloud Run.
               },
             ],
-            "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-            "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-            "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+            "selfLink": "A String", # URL representing this object.
+            "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
           },
           "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
-            "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-            "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-              { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "enableServiceLinks": True or False, # Not supported by Cloud Run.
+            "imagePullSecrets": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
             ],
             "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
             "volumes": [
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -706,16 +706,16 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
@@ -724,27 +724,27 @@ 
Method Details

         },
       },
       "status": { # ConfigurationStatus communicates the observed state of the Configuration (from the controller). # Status communicates the observed state of the Configuration (from the controller).
-        "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-          { # Condition defines a generic condition for a Resource.
+        "conditions": [ # Conditions communicate information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
-        "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+        "latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, so for the latest ready revision, use LatestReadyRevisionName.
         "latestReadyRevisionName": "A String", # LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True".
         "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Configuration that was last processed by the controller. The observed generation is updated even if the controller failed to process the spec and create the Revision. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation, and the Ready condition's status is True or False.
       },
     },
   ],
   "kind": "A String", # The kind of this resource, in this case "ConfigurationList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Configuration list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this Configuration list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.projects.locations.domainmappings.html b/docs/dyn/run_v1.projects.locations.domainmappings.html
index b20cfbd625b..c033e0f4935 100644
--- a/docs/dyn/run_v1.projects.locations.domainmappings.html
+++ b/docs/dyn/run_v1.projects.locations.domainmappings.html
@@ -88,7 +88,7 @@ 
Instance Methods

 
Get information about a domain mapping.

 

   list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)

-
List domain mappings.

+
List all domain mappings.

 
Method Details

 

     close()
@@ -108,36 +108,36 @@ 
Method Details

   "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
   "kind": "A String", # The kind of resource, in this case "DomainMapping".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
     "certificateMode": "A String", # The mode of the certificate.
@@ -146,13 +146,13 @@ 
Method Details

   },
   "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
     "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -164,7 +164,7 @@ 
Method Details

         "type": "A String", # Resource record type. Example: `AAAA`.
       },
     ],
-    "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+    "url": "A String", # Optional. Not supported by Cloud Run.
   },
 }
 
@@ -181,36 +181,36 @@ 
Method Details

   "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
   "kind": "A String", # The kind of resource, in this case "DomainMapping".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
     "certificateMode": "A String", # The mode of the certificate.
@@ -219,13 +219,13 @@ 
Method Details

   },
   "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
     "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -237,7 +237,7 @@ 
Method Details

         "type": "A String", # Resource record type. Example: `AAAA`.
       },
     ],
-    "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+    "url": "A String", # Optional. Not supported by Cloud Run.
   },
 }

 

@@ -251,7 +251,7 @@ 
Method Details

   apiVersion: string, Cloud Run currently ignores this parameter.
   dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all`
   kind: string, Cloud Run currently ignores this parameter.
-  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
+  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -260,30 +260,30 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
@@ -305,36 +305,36 @@ 
Method Details

   "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
   "kind": "A String", # The kind of resource, in this case "DomainMapping".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
     "certificateMode": "A String", # The mode of the certificate.
@@ -343,13 +343,13 @@ 
Method Details

   },
   "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
     "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -361,14 +361,14 @@ 
Method Details

         "type": "A String", # Resource record type. Example: `AAAA`.
       },
     ],
-    "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+    "url": "A String", # Optional. Not supported by Cloud Run.
   },
 }

 

 
 

     list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)
-  
List domain mappings.
+  
List all domain mappings.
 
 Args:
   parent: string, The namespace from which the domain mappings should be listed. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
@@ -394,36 +394,36 @@ 
Method Details

       "apiVersion": "A String", # The API version for this call such as "domains.cloudrun.com/v1".
       "kind": "A String", # The kind of resource, in this case "DomainMapping".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this BuildTemplate.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # The desired state of the Domain Mapping. # The spec for this DomainMapping.
         "certificateMode": "A String", # The mode of the certificate.
@@ -432,13 +432,13 @@ 
Method Details

       },
       "status": { # The current state of the Domain Mapping. # The current status of the DomainMapping.
         "conditions": [ # Array of observed DomainMappingConditions, indicating the current state of the DomainMapping.
-          { # Condition defines a generic condition for a Resource.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "mappedRouteName": "A String", # The name of the route that the mapping currently points to.
@@ -450,15 +450,15 @@ 
Method Details

             "type": "A String", # Resource record type. Example: `AAAA`.
           },
         ],
-        "url": "A String", # Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.
+        "url": "A String", # Optional. Not supported by Cloud Run.
       },
     },
   ],
   "kind": "A String", # The kind of this resource, in this case "DomainMappingList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this DomainMapping list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this DomainMapping list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.projects.locations.revisions.html b/docs/dyn/run_v1.projects.locations.revisions.html
index 2681c808044..07e8ca9c60b 100644
--- a/docs/dyn/run_v1.projects.locations.revisions.html
+++ b/docs/dyn/run_v1.projects.locations.revisions.html
@@ -101,7 +101,7 @@ 
Method Details

   apiVersion: string, Cloud Run currently ignores this parameter.
   dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all`
   kind: string, Cloud Run currently ignores this parameter.
-  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
+  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see https://kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -110,30 +110,30 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
@@ -151,232 +151,232 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision
+    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#revision
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "kind": "A String", # The kind of this resource, in this case "Revision".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Revision, including name, namespace, labels, and annotations.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # Spec holds the desired state of the Revision (from the client).
-    "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-    "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+    "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+    "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
       { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-        "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+        "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
           "A String",
         ],
-        "command": [
+        "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
           "A String",
         ],
-        "env": [ # (Optional) List of environment variables to set in the container.
+        "env": [ # List of environment variables to set in the container.
           { # EnvVar represents an environment variable present in a Container.
-            "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-            "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-            "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-              "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                "key": "A String", # The key to select.
-                "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                  "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+            "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+            "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+              "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                "key": "A String", # Required. The key to select.
+                "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                  "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                 },
-                "name": "A String", # The ConfigMap to select from.
-                "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                "name": "A String", # Required. The ConfigMap to select from.
+                "optional": True or False, # Specify whether the ConfigMap or its key must be defined
               },
-              "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                  "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+              "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                  "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                 },
                 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                "optional": True or False, # Specify whether the Secret or its key must be defined.
               },
             },
           },
         ],
-        "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-          { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-            "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-              "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "envFrom": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+            "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+              "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
               "name": "A String", # The ConfigMap to select from.
-              "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+              "optional": True or False, # Specify whether the ConfigMap must be defined.
             },
-            "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-            "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-              "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+            "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+              "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
               "name": "A String", # The Secret to select from.
-              "optional": True or False, # (Optional) Specify whether the Secret must be defined
+              "optional": True or False, # Specify whether the Secret must be defined
             },
           },
         ],
-        "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-        "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-        "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+        "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+        "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-        "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+        "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+        "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
           { # ContainerPort represents a network port in a single container.
-            "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-            "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-            "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+            "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+            "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+            "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
           },
         ],
-        "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-          "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+        "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+          "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
             "a_key": "A String",
           },
-          "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+          "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
             "a_key": "A String",
           },
         },
-        "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-          "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+        "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+          "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
         },
-        "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-            "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+        "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+            "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
               "A String",
             ],
           },
-          "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-          "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+          "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+          "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
             "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
             "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
           },
-          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-            "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-            "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+          "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+            "host": "A String", # Not supported by Cloud Run.
+            "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
               { # HTTPHeader describes a custom header to be used in HTTP probes
                 "name": "A String", # The header field name
                 "value": "A String", # The header field value
               },
             ],
-            "path": "A String", # (Optional) Path to access on the HTTP server.
-            "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+            "path": "A String", # Path to access on the HTTP server.
+            "scheme": "A String", # Not supported by Cloud Run.
           },
-          "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-          "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-          "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-            "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-            "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+          "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+          "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+          "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+            "host": "A String", # Not supported by Cloud Run.
+            "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
           },
-          "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+          "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
         },
-        "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-        "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-        "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+        "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+        "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+        "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
           { # VolumeMount describes a mounting of a Volume within a container.
-            "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-            "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-            "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-            "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+            "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+            "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+            "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+            "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
           },
         ],
-        "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+        "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
       },
     ],
-    "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-    "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-      { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+    "enableServiceLinks": True or False, # Not supported by Cloud Run.
+    "imagePullSecrets": [ # Not supported by Cloud Run.
+      { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
       },
     ],
     "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-    "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+    "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
     "volumes": [
       { # Volume represents a named volume in a container.
-        "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+        "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
           "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
           "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
             { # Maps a string key to a path within a volume.
@@ -389,16 +389,16 @@ 
Method Details

           "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
         },
         "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-        "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+        "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
           "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-          "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+          "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
             { # Maps a string key to a path within a volume.
               "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
               "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
             },
           ],
-          "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+          "optional": True or False, # Not supported by Cloud Run.
           "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
         },
       },
@@ -406,13 +406,13 @@ 
Method Details

   },
   "status": { # RevisionStatus communicates the observed state of the Revision (from the controller). # Status communicates the observed state of the Revision (from the controller).
     "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. As a Revision is being prepared, it will incrementally update conditions. Revision-specific conditions include: * "ResourcesAvailable": True when underlying resources have been provisioned. * "ContainerHealthy": True when the Revision readiness check completes. * "Active": True when the Revision may receive traffic.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "imageDigest": "A String", # ImageDigest holds the resolved digest for the image specified within .Spec.Container.Image. The digest is resolved during the creation of Revision. This field holds the digest value regardless of whether a tag or digest was originally specified in the Container object.
@@ -447,232 +447,232 @@ 
Method Details

     { # ListRevisionsResponse is a list of Revision resources.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "items": [ # List of Revisions.
-    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision
+    { # Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#revision
       "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
       "kind": "A String", # The kind of this resource, in this case "Revision".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Revision, including name, namespace, labels, and annotations.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # Spec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -685,16 +685,16 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
@@ -702,13 +702,13 @@ 
Method Details

       },
       "status": { # RevisionStatus communicates the observed state of the Revision (from the controller). # Status communicates the observed state of the Revision (from the controller).
         "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. As a Revision is being prepared, it will incrementally update conditions. Revision-specific conditions include: * "ResourcesAvailable": True when underlying resources have been provisioned. * "ContainerHealthy": True when the Revision readiness check completes. * "Active": True when the Revision may receive traffic.
-          { # Condition defines a generic condition for a Resource.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "imageDigest": "A String", # ImageDigest holds the resolved digest for the image specified within .Spec.Container.Image. The digest is resolved during the creation of Revision. This field holds the digest value regardless of whether a tag or digest was originally specified in the Container object.
@@ -719,10 +719,10 @@ 
Method Details

     },
   ],
   "kind": "A String", # The kind of this resource, in this case "RevisionList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this revision list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this revision list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.projects.locations.routes.html b/docs/dyn/run_v1.projects.locations.routes.html
index e9881bc6906..a8c151a9be3 100644
--- a/docs/dyn/run_v1.projects.locations.routes.html
+++ b/docs/dyn/run_v1.projects.locations.routes.html
@@ -103,45 +103,45 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
+    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "kind": "A String", # The kind of this resource, in this case always "Route".
   "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Route, including name, namespace, labels, and annotations.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
   "spec": { # RouteSpec holds the desired state of the Route (from the client). # Spec holds the desired state of the Route (from the client).
     "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. Cloud Run currently supports a single configurationName.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -155,19 +155,19 @@ 
Method Details

       "url": "A String",
     },
     "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-      { # Condition defines a generic condition for a Resource.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
     "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. Note that providing a trafficTarget that only has a configurationName will result in a Route that does not increment either its metadata.generation or its observedGeneration, as new "latest ready" revisions from the Configuration are processed without an update to the Route's spec.
-    "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that was last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -204,45 +204,45 @@ 
Method Details

     { # ListRoutesResponse is a list of Route resources.
   "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
   "items": [ # List of Routes.
-    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
+    { # Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.
       "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
       "kind": "A String", # The kind of this resource, in this case always "Route".
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Route, including name, namespace, labels, and annotations.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RouteSpec holds the desired state of the Route (from the client). # Spec holds the desired state of the Route (from the client).
         "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. Cloud Run currently supports a single configurationName.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -256,19 +256,19 @@ 
Method Details

           "url": "A String",
         },
         "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world.
-          { # Condition defines a generic condition for a Resource.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
         "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. Note that providing a trafficTarget that only has a configurationName will result in a Route that does not increment either its metadata.generation or its observedGeneration, as new "latest ready" revisions from the Configuration are processed without an update to the Route's spec.
-        "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+        "traffic": [ # Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that was last observed.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -281,10 +281,10 @@ 
Method Details

     },
   ],
   "kind": "A String", # The kind of this resource, in this case always "RouteList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Route list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this Route list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
   "unreachable": [ # Locations that could not be reached.
     "A String",
diff --git a/docs/dyn/run_v1.projects.locations.services.html b/docs/dyn/run_v1.projects.locations.services.html
index eaed5db7689..e78a094a64f 100644
--- a/docs/dyn/run_v1.projects.locations.services.html
+++ b/docs/dyn/run_v1.projects.locations.services.html
@@ -79,22 +79,22 @@ 
Instance Methods

 
Close httplib2 connections.

 

   create(parent, body=None, dryRun=None, x__xgafv=None)

-
Create a service.

+
Creates a new Service. Service creation will trigger a new deployment. Use GetService, and check service.status to determine if the Service is ready.

 

   delete(name, apiVersion=None, dryRun=None, kind=None, propagationPolicy=None, x__xgafv=None)

-
Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.

+
Deletes the provided service. This will cause the Service to stop serving traffic and will delete all associated Revisions.

 

   get(name, x__xgafv=None)

-
Get information about a service.

+
Gets information about a service.

 

   getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)

-
Get the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.

+
Gets the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.

 

   list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)

-
List services.

+
Lists services for the given project and region.

 

   replaceService(name, body=None, dryRun=None, x__xgafv=None)

-
Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.

+
Replaces a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.

 

   setIamPolicy(resource, body=None, x__xgafv=None)

 
Sets the IAM Access control policy for the specified Service. Overwrites any existing policy.

@@ -109,273 +109,273 @@ 
Method Details

 
 

     create(parent, body=None, dryRun=None, x__xgafv=None)
-  
Create a service.
+  
Creates a new Service. Service creation will trigger a new deployment. Use GetService, and check service.status to determine if the Service is ready.
 
 Args:
-  parent: string, The namespace in which the service should be created. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  parent: string, The resource's parent. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}` (required)
   body: object, The request body.
     The object takes the form of:
 
 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -388,25 +388,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -415,26 +415,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -442,7 +442,7 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }
 
@@ -456,265 +456,265 @@ 
Method Details

   An object of the form:
 
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -727,25 +727,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -754,26 +754,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -781,21 +781,21 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }

 

 
 

     delete(name, apiVersion=None, dryRun=None, kind=None, propagationPolicy=None, x__xgafv=None)
-  
Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.
+  
Deletes the provided service. This will cause the Service to stop serving traffic and will delete all associated Revisions.
 
 Args:
-  name: string, The name of the service to delete. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
-  apiVersion: string, Cloud Run currently ignores this parameter.
+  name: string, The fully qualified name of the service to delete. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}` (required)
+  apiVersion: string, Not supported, and ignored by Cloud Run.
   dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all`
-  kind: string, Cloud Run currently ignores this parameter.
-  propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.
+  kind: string, Not supported, and ignored by Cloud Run.
+  propagationPolicy: string, Not supported, and ignored by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -804,39 +804,39 @@ 
Method Details

 Returns:
   An object of the form:
 
-    { # Status is a return value for calls that don't return other objects
-  "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional
-  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional
-    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional
+    { # Status is a return value for calls that don't return other objects.
+  "code": 42, # Suggested HTTP return code for this status, 0 if not set.
+  "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
+    "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
       { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
-        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional
-        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional
-        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional
+        "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"
+        "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader.
+        "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available.
       },
     ],
-    "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional
-    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional
-    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional
-    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional
+    "group": "A String", # The group attribute of the resource associated with the status StatusReason.
+    "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
+    "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
+    "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "message": "A String", # A human-readable description of the status of this operation. +optional
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "message": "A String", # A human-readable description of the status of this operation.
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional
-  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional
+  "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
+  "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 }

 

 
 

     get(name, x__xgafv=None)
-  
Get information about a service.
+  
Gets information about a service.
 
 Args:
-  name: string, The name of the service to retrieve. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  name: string, The fully qualified name of the service to retrieve. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}` (required)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -846,265 +846,265 @@ 
Method Details

   An object of the form:
 
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -1117,25 +1117,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1144,26 +1144,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1171,14 +1171,14 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }

 

 
 

     getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)
-  
Get the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.
+  
Gets the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. (required)
@@ -1226,17 +1226,17 @@ 
Method Details

 
 

     list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)
-  
List services.
+  
Lists services for the given project and region.
 
 Args:
-  parent: string, The namespace from which the services should be listed. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  parent: string, The parent from where the resources should be listed. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}` (required)
   continue: string, Optional. Encoded string to continue paging.
-  fieldSelector: string, Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.
-  includeUninitialized: boolean, Not currently used by Cloud Run.
+  fieldSelector: string, Not supported, and ignored by Cloud Run.
+  includeUninitialized: boolean, Not supported, and ignored by Cloud Run.
   labelSelector: string, Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn.
   limit: integer, Optional. The maximum number of records that should be returned.
-  resourceVersion: string, The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.
-  watch: boolean, Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.
+  resourceVersion: string, Not supported, and ignored by Cloud Run.
+  watch: boolean, Not supported, and ignored by Cloud Run.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -1246,268 +1246,268 @@ 
Method Details

   An object of the form:
 
     { # A list of Service resources.
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
+  "apiVersion": "A String", # The API version for this call; returns "serving.knative.dev/v1".
   "items": [ # List of Services.
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-      "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-      "kind": "A String", # The kind of resource, in this case "Service".
-      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+      "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+      "kind": "A String", # The kind of resource. It must be "Service".
+      "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
-      "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-        "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+      "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+        "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
           "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-            "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+            "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
               "a_key": "A String",
             },
-            "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-            "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-            "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-            "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+            "clusterName": "A String", # Not supported by Cloud Run
+            "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+            "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+            "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+            "finalizers": [ # Not supported by Cloud Run
               "A String",
             ],
-            "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-            "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-            "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+            "generateName": "A String", # Not supported by Cloud Run
+            "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+            "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
               "a_key": "A String",
             },
-            "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-            "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-            "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-              { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-                "apiVersion": "A String", # API version of the referent.
-                "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-                "controller": True or False, # If true, this reference points to the managing controller. +optional
-                "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-                "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+            "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+            "ownerReferences": [ # Not supported by Cloud Run
+              { # This is not supported or used by Cloud Run.
+                "apiVersion": "A String", # This is not supported or used by Cloud Run.
+                "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+                "controller": True or False, # This is not supported or used by Cloud Run.
+                "kind": "A String", # This is not supported or used by Cloud Run.
+                "name": "A String", # This is not supported or used by Cloud Run.
+                "uid": "A String", # This is not supported or used by Cloud Run.
               },
             ],
-            "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-            "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-            "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+            "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+            "selfLink": "A String", # URL representing this object.
+            "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
           },
           "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+            "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+            "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
               { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-                "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+                "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "command": [
+                "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
                   "A String",
                 ],
-                "env": [ # (Optional) List of environment variables to set in the container.
+                "env": [ # List of environment variables to set in the container.
                   { # EnvVar represents an environment variable present in a Container.
-                    "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                    "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                      "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                        "key": "A String", # The key to select.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                    "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                    "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                      "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                        "key": "A String", # Required. The key to select.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
-                        "name": "A String", # The ConfigMap to select from.
-                        "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                        "name": "A String", # Required. The ConfigMap to select from.
+                        "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                       },
-                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                        "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                        "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                          "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                        "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                        "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                          "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                         },
                         "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                        "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                        "optional": True or False, # Specify whether the Secret or its key must be defined.
                       },
                     },
                   },
                 ],
-                "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-                  { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                    "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "envFrom": [ # Not supported by Cloud Run.
+                  { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                    "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The ConfigMap to select from.
-                      "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                      "optional": True or False, # Specify whether the ConfigMap must be defined.
                     },
-                    "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                    "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                      "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                        "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                    "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                      "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                       },
                       "name": "A String", # The Secret to select from.
-                      "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                      "optional": True or False, # Specify whether the Secret must be defined
                     },
                   },
                 ],
-                "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-                "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-                "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+                "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+                "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-                "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+                "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+                "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
                   { # ContainerPort represents a network port in a single container.
-                    "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                    "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                    "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                    "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                    "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                    "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
                   },
                 ],
-                "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-                  "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+                  "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
-                  "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+                  "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                     "a_key": "A String",
                   },
                 },
-                "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-                  "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+                  "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
                 },
-                "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                    "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+                "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                    "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                       "A String",
                     ],
                   },
-                  "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-                  "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+                  "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+                  "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                     "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                     "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
                   },
-                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                    "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+                  "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                       { # HTTPHeader describes a custom header to be used in HTTP probes
                         "name": "A String", # The header field name
                         "value": "A String", # The header field value
                       },
                     ],
-                    "path": "A String", # (Optional) Path to access on the HTTP server.
-                    "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                    "path": "A String", # Path to access on the HTTP server.
+                    "scheme": "A String", # Not supported by Cloud Run.
                   },
-                  "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-                  "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-                  "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                    "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                    "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+                  "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+                  "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+                  "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                    "host": "A String", # Not supported by Cloud Run.
+                    "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
                   },
-                  "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+                  "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
                 },
-                "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-                "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-                "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+                "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+                "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+                "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
                   { # VolumeMount describes a mounting of a Volume within a container.
-                    "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                    "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                    "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                    "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                    "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                    "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                    "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                    "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
                   },
                 ],
-                "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+                "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
               },
             ],
-            "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-            "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-              { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-                "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "enableServiceLinks": True or False, # Not supported by Cloud Run.
+            "imagePullSecrets": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+                "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
               },
             ],
             "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+            "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
             "volumes": [
               { # Volume represents a named volume in a container.
-                "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+                "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
                   "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                     { # Maps a string key to a path within a volume.
@@ -1520,25 +1520,25 @@ 
Method Details

                   "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
                 },
                 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-                "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+                "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
                   "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-                  "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+                  "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                     { # Maps a string key to a path within a volume.
                       "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                       "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                       "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                     },
                   ],
-                  "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+                  "optional": True or False, # Not supported by Cloud Run.
                   "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
                 },
               },
             ],
           },
         },
-        "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+        "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1547,26 +1547,26 @@ 
Method Details

           },
         ],
       },
-      "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-        "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+      "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+        "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
           "url": "A String",
         },
-        "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-          { # Condition defines a generic condition for a Resource.
+        "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+          { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
             "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
             "message": "A String", # Optional. Human readable message indicating details about the current status.
-            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-            "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+            "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+            "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
             "status": "A String", # Status of the condition, one of True, False, Unknown.
-            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+            "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
           },
         ],
-        "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-        "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-        "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-        "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+        "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+        "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+        "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+        "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
           { # TrafficTarget holds a single entry of the routing table for a Route.
-            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+            "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
             "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
             "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
             "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1574,17 +1574,17 @@ 
Method Details

             "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
           },
         ],
-        "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+        "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
       },
     },
   ],
-  "kind": "A String", # The kind of this resource, in this case "ServiceList".
-  "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Service list.
-    "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.
-    "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional
-    "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional
+  "kind": "A String", # The kind of this resource; returns "ServiceList".
+  "metadata": { # Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta. # Metadata associated with this Service list.
+    "continue": "A String", # Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.
+    "resourceVersion": "A String", # Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
   },
-  "unreachable": [ # Locations that could not be reached.
+  "unreachable": [ # For calls against the global endpoint, returns the list of Cloud locations that could not be reached. For regional calls, this field is not used.
     "A String",
   ],
 }

@@ -1592,273 +1592,273 @@ 
Method Details

 
 

     replaceService(name, body=None, dryRun=None, x__xgafv=None)
-  
Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.
+  
Replaces a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.
 
 Args:
-  name: string, The name of the service being replaced. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID (required)
+  name: string, The fully qualified name of the service to replace. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}` (required)
   body: object, The request body.
     The object takes the form of:
 
 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -1871,25 +1871,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1898,26 +1898,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -1925,7 +1925,7 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }
 
@@ -1939,265 +1939,265 @@ 
Method Details

   An object of the form:
 
     { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service
-  "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1".
-  "kind": "A String", # The kind of resource, in this case "Service".
-  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
-    "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+  "apiVersion": "A String", # The API version for this call. It must be "serving.knative.dev/v1".
+  "kind": "A String", # The kind of resource. It must be "Service".
+  "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal.
+    "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
       "a_key": "A String",
     },
-    "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-    "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-    "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-    "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+    "clusterName": "A String", # Not supported by Cloud Run
+    "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+    "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+    "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+    "finalizers": [ # Not supported by Cloud Run
       "A String",
     ],
-    "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-    "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-    "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+    "generateName": "A String", # Not supported by Cloud Run
+    "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+    "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
       "a_key": "A String",
     },
-    "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-    "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-    "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-      { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-        "apiVersion": "A String", # API version of the referent.
-        "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-        "controller": True or False, # If true, this reference points to the managing controller. +optional
-        "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-        "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-        "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+    "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+    "ownerReferences": [ # Not supported by Cloud Run
+      { # This is not supported or used by Cloud Run.
+        "apiVersion": "A String", # This is not supported or used by Cloud Run.
+        "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+        "controller": True or False, # This is not supported or used by Cloud Run.
+        "kind": "A String", # This is not supported or used by Cloud Run.
+        "name": "A String", # This is not supported or used by Cloud Run.
+        "uid": "A String", # This is not supported or used by Cloud Run.
       },
     ],
-    "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-    "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-    "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+    "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+    "selfLink": "A String", # URL representing this object.
+    "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
   },
-  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client).
-    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out.
+  "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Holds the desired state of the Service (from the client).
+    "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Holds the latest specification for the Revision to be stamped out.
       "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`.
-        "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations
+        "annotations": { # Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations
           "a_key": "A String",
         },
-        "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
-        "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
-        "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-        "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge
+        "clusterName": "A String", # Not supported by Cloud Run
+        "creationTimestamp": "A String", # UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+        "deletionGracePeriodSeconds": 42, # Not supported by Cloud Run
+        "deletionTimestamp": "A String", # The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.
+        "finalizers": [ # Not supported by Cloud Run
           "A String",
         ],
-        "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;
-        "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
-        "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
+        "generateName": "A String", # Not supported by Cloud Run
+        "generation": 42, # A system-provided sequence number representing a specific generation of the desired state.
+        "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels
           "a_key": "A String",
         },
-        "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional
-        "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.
-        "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.
-          { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.
-            "apiVersion": "A String", # API version of the referent.
-            "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional
-            "controller": True or False, # If true, this reference points to the managing controller. +optional
-            "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names
-            "uid": "A String", # UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "name": "A String", # The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,
+        "namespace": "A String", # Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.
+        "ownerReferences": [ # Not supported by Cloud Run
+          { # This is not supported or used by Cloud Run.
+            "apiVersion": "A String", # This is not supported or used by Cloud Run.
+            "blockOwnerDeletion": True or False, # This is not supported or used by Cloud Run.
+            "controller": True or False, # This is not supported or used by Cloud Run.
+            "kind": "A String", # This is not supported or used by Cloud Run.
+            "name": "A String", # This is not supported or used by Cloud Run.
+            "uid": "A String", # This is not supported or used by Cloud Run.
           },
         ],
-        "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-        "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;
-        "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
+        "resourceVersion": "A String", # Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+        "selfLink": "A String", # URL representing this object.
+        "uid": "A String", # Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids
       },
       "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
-        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
-        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md
+        "containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80
+        "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md
           { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.
-            "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+            "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "command": [
+            "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
               "A String",
             ],
-            "env": [ # (Optional) List of environment variables to set in the container.
+            "env": [ # List of environment variables to set in the container.
               { # EnvVar represents an environment variable present in a Container.
-                "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
-                "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
-                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty.
-                  "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap.
-                    "key": "A String", # The key to select.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "name": "A String", # Required. Name of the environment variable. Must be a C_IDENTIFIER.
+                "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
+                "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty.
+                  "configMapKeyRef": { # Not supported by Cloud Run. Selects a key from a ConfigMap. # Not supported by Cloud Run. Selects a key of a ConfigMap.
+                    "key": "A String", # Required. The key to select.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
-                    "name": "A String", # The ConfigMap to select from.
-                    "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined
+                    "name": "A String", # Required. The ConfigMap to select from.
+                    "optional": True or False, # Specify whether the ConfigMap or its key must be defined
                   },
-                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager.
-                    "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
-                    "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                      "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                  "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # Selects a key (version) of a secret in Secret Manager.
+                    "key": "A String", # Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.
+                    "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                      "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                     },
                     "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.
-                    "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined
+                    "optional": True or False, # Specify whether the Secret or its key must be defined.
                   },
                 },
               },
             ],
-            "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
-              { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps
-                "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+            "envFrom": [ # Not supported by Cloud Run.
+              { # Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps
+                "configMapRef": { # Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The ConfigMap to select from.
-                  "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined
+                  "optional": True or False, # Specify whether the ConfigMap must be defined.
                 },
-                "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
-                "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from
-                  "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
-                    "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+                "secretRef": { # Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from
+                  "localObjectReference": { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead.
+                    "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                   },
                   "name": "A String", # The Secret to select from.
-                  "optional": True or False, # (Optional) Specify whether the Secret must be defined
+                  "optional": True or False, # Specify whether the Secret must be defined
                 },
               },
             ],
-            "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images
-            "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
-            "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "image": "A String", # Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
+            "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+            "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
-            "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
+            "name": "A String", # Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
+            "ports": [ # List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.
               { # ContainerPort represents a network port in a single container.
-                "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.
-                "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
-                "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP".
+                "containerPort": 42, # Port number the container listens on. This must be a valid port number, 0 < x < 65536.
+                "name": "A String", # If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
+                "protocol": "A String", # Protocol for port. Must be "TCP". Defaults to "TCP".
               },
             ],
-            "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Not supported by Cloud Run.
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
-              "limits": { # (Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+            "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+              "limits": { # Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
-              "requests": { # (Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
+              "requests": { # Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
                 "a_key": "A String",
               },
             },
-            "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-              "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+            "securityContext": { # Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Not supported by Cloud Run.
+              "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
             },
-            "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message.
-                "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+            "startupProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "exec": { # Not supported by Cloud Run. ExecAction describes a "run in container" action. # Not supported by Cloud Run.
+                "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                   "A String",
                 ],
               },
-              "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
-              "grpc": { # GRPCAction describes an action involving a GRPC port. # (Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message.
+              "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
+              "grpc": { # GRPCAction describes an action involving a GRPC port. # GRPCAction specifies an action involving a GRPC port.
                 "port": 42, # Port number of the gRPC service. Number must be in the range 1 to 65535.
                 "service": "A String", # Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
               },
-              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message.
-                "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
-                "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers.
+              "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
+                "host": "A String", # Not supported by Cloud Run.
+                "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
                   { # HTTPHeader describes a custom header to be used in HTTP probes
                     "name": "A String", # The header field name
                     "value": "A String", # The header field value
                   },
                 ],
-                "path": "A String", # (Optional) Path to access on the HTTP server.
-                "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP.
+                "path": "A String", # Path to access on the HTTP server.
+                "scheme": "A String", # Not supported by Cloud Run.
               },
-              "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
-              "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
-              "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
-              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message.
-                "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP.
-                "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.
+              "initialDelaySeconds": 42, # Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.
+              "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.
+              "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
+                "host": "A String", # Not supported by Cloud Run.
+                "port": 42, # Port number to access on the container. Number must be in the range 1 to 65535.
               },
-              "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+              "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
             },
-            "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
-            "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
-            "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
+            "terminationMessagePath": "A String", # Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.
+            "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
+            "volumeMounts": [ # Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.
               { # VolumeMount describes a mounting of a Volume within a container.
-                "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'.
-                "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name.
-                "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true.
-                "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
+                "mountPath": "A String", # Required. Path within the container at which the volume should be mounted. Must not contain ':'.
+                "name": "A String", # Required. The name of the volume. There must be a corresponding Volume with the same name.
+                "readOnly": True or False, # Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.
+                "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
               },
             ],
-            "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
+            "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
           },
         ],
-        "enableServiceLinks": True or False, # Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.
-        "imagePullSecrets": [ # ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.
-          { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
-            "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+        "enableServiceLinks": True or False, # Not supported by Cloud Run.
+        "imagePullSecrets": [ # Not supported by Cloud Run.
+          { # Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+            "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
           },
         ],
         "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.
-        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.
+        "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).
         "volumes": [
           { # Volume represents a named volume in a container.
-            "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
+            "configMap": { # Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.
               "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
               "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
                 { # Maps a string key to a path within a volume.
@@ -2210,25 +2210,25 @@ 
Method Details

               "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
             },
             "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.
-            "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.
+            "secret": { # A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName.
               "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0444. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-              "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.
+              "items": [ # A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.
                 { # Maps a string key to a path within a volume.
                   "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.
                   "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                   "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                 },
               ],
-              "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined.
+              "optional": True or False, # Not supported by Cloud Run.
               "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.
             },
           },
         ],
       },
     },
-    "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.
+    "traffic": [ # Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -2237,26 +2237,26 @@ 
Method Details

       },
     ],
   },
-  "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller).
-    "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP.
+  "status": { # The current state of the Service. Output only. # Communicates the system-controlled state of the Service.
+    "address": { # Information for connecting over HTTP(s). # Similar to url, information on where the service is available on HTTP.
       "url": "A String",
     },
-    "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready.
-      { # Condition defines a generic condition for a Resource.
+    "conditions": [ # Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.
+      { # Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.
         "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another.
         "message": "A String", # Optional. Human readable message indicating details about the current status.
-        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition.
-        "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info
+        "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.
+        "severity": "A String", # Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.
         "status": "A String", # Status of the condition, one of True, False, Unknown.
-        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
+        "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready" or "Completed": True when the Resource is ready.
       },
     ],
-    "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
-    "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".
-    "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
-    "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
+    "latestCreatedRevisionName": "A String", # Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
+    "latestReadyRevisionName": "A String", # Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.
+    "observedGeneration": 42, # Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.
+    "traffic": [ # Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
       { # TrafficTarget holds a single entry of the routing table for a Route.
-        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
+        "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, traffic will automatically migrate from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.
         "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
         "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified.
         "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
@@ -2264,7 +2264,7 @@ 
Method Details

         "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. https://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
       },
     ],
-    "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
+    "url": "A String", # URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
   },
 }

 

diff --git a/docs/dyn/secretmanager_v1.projects.secrets.html b/docs/dyn/secretmanager_v1.projects.secrets.html
index 94941bda649..09cbae18ff0 100644
--- a/docs/dyn/secretmanager_v1.projects.secrets.html
+++ b/docs/dyn/secretmanager_v1.projects.secrets.html
@@ -179,6 +179,9 @@ 
Method Details

     The object takes the form of:
 
 { # A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.
+  "annotations": { # Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB.
+    "a_key": "A String",
+  },
   "createTime": "A String", # Output only. The time at which the Secret was created.
   "etag": "A String", # Optional. Etag of the currently stored Secret.
   "expireTime": "A String", # Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
@@ -228,6 +231,9 @@ 
Method Details

   An object of the form:
 
     { # A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.
+  "annotations": { # Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB.
+    "a_key": "A String",
+  },
   "createTime": "A String", # Output only. The time at which the Secret was created.
   "etag": "A String", # Optional. Etag of the currently stored Secret.
   "expireTime": "A String", # Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
@@ -302,6 +308,9 @@ 
Method Details

   An object of the form:
 
     { # A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.
+  "annotations": { # Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB.
+    "a_key": "A String",
+  },
   "createTime": "A String", # Output only. The time at which the Secret was created.
   "etag": "A String", # Optional. Etag of the currently stored Secret.
   "expireTime": "A String", # Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
@@ -379,7 +388,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -411,6 +420,9 @@ 
Method Details

   "nextPageToken": "A String", # A token to retrieve the next page of results. Pass this value in ListSecretsRequest.page_token to retrieve the next page.
   "secrets": [ # The list of Secrets sorted in reverse by create_time (newest first).
     { # A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.
+      "annotations": { # Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB.
+        "a_key": "A String",
+      },
       "createTime": "A String", # Output only. The time at which the Secret was created.
       "etag": "A String", # Optional. Etag of the currently stored Secret.
       "expireTime": "A String", # Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
@@ -478,6 +490,9 @@ 
Method Details

     The object takes the form of:
 
 { # A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.
+  "annotations": { # Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB.
+    "a_key": "A String",
+  },
   "createTime": "A String", # Output only. The time at which the Secret was created.
   "etag": "A String", # Optional. Etag of the currently stored Secret.
   "expireTime": "A String", # Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
@@ -527,6 +542,9 @@ 
Method Details

   An object of the form:
 
     { # A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.
+  "annotations": { # Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB.
+    "a_key": "A String",
+  },
   "createTime": "A String", # Output only. The time at which the Secret was created.
   "etag": "A String", # Optional. Etag of the currently stored Secret.
   "expireTime": "A String", # Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
@@ -599,7 +617,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -641,7 +659,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/secretmanager_v1beta1.projects.secrets.html b/docs/dyn/secretmanager_v1beta1.projects.secrets.html
index b5091b6fe12..bd2b0e7d700 100644
--- a/docs/dyn/secretmanager_v1beta1.projects.secrets.html
+++ b/docs/dyn/secretmanager_v1beta1.projects.secrets.html
@@ -295,7 +295,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -451,7 +451,7 @@ 
Method Details

           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
@@ -493,7 +493,7 @@ 
Method Details

         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
diff --git a/docs/dyn/servicemanagement_v1.services.configs.html b/docs/dyn/servicemanagement_v1.services.configs.html
index e972feaecbb..7407d295ee5 100644
--- a/docs/dyn/servicemanagement_v1.services.configs.html
+++ b/docs/dyn/servicemanagement_v1.services.configs.html
@@ -172,6 +172,7 @@ 
Method Details

       { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
         "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
         "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+          "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
           "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
         },
         "requirements": [ # Requirements for additional authentication providers.
@@ -638,6 +639,7 @@ 
Method Details

       { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
         "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
         "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+          "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
           "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
         },
         "requirements": [ # Requirements for additional authentication providers.
@@ -1116,6 +1118,7 @@ 
Method Details

       { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
         "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
         "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+          "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
           "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
         },
         "requirements": [ # Requirements for additional authentication providers.
@@ -1594,6 +1597,7 @@ 
Method Details

           { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
             "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
             "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+              "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
               "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
             },
             "requirements": [ # Requirements for additional authentication providers.
diff --git a/docs/dyn/servicemanagement_v1.services.html b/docs/dyn/servicemanagement_v1.services.html
index 94db2f60244..9fdeebc76cf 100644
--- a/docs/dyn/servicemanagement_v1.services.html
+++ b/docs/dyn/servicemanagement_v1.services.html
@@ -367,6 +367,7 @@ 
Method Details

       { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
         "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
         "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+          "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
           "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
         },
         "requirements": [ # Requirements for additional authentication providers.
diff --git a/docs/dyn/serviceusage_v1.services.html b/docs/dyn/serviceusage_v1.services.html
index ccaadbbd02a..26a36b40de5 100644
--- a/docs/dyn/serviceusage_v1.services.html
+++ b/docs/dyn/serviceusage_v1.services.html
@@ -226,6 +226,7 @@ 
Method Details

             { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
               "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
               "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+                "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
                 "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
               },
               "requirements": [ # Requirements for additional authentication providers.
@@ -520,6 +521,7 @@ 
Method Details

         { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
           "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
           "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+            "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
             "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
           },
           "requirements": [ # Requirements for additional authentication providers.
@@ -729,6 +731,7 @@ 
Method Details

             { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
               "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
               "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+                "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
                 "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
               },
               "requirements": [ # Requirements for additional authentication providers.
diff --git a/docs/dyn/serviceusage_v1beta1.services.html b/docs/dyn/serviceusage_v1beta1.services.html
index 16df2c71e17..94b41c7e9ed 100644
--- a/docs/dyn/serviceusage_v1beta1.services.html
+++ b/docs/dyn/serviceusage_v1beta1.services.html
@@ -350,6 +350,7 @@ 
Method Details

         { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
           "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
           "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+            "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
             "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
           },
           "requirements": [ # Requirements for additional authentication providers.
@@ -559,6 +560,7 @@ 
Method Details

             { # Authentication rules for the service. By default, if a method has any authentication requirements, every request must include a valid credential matching one of the requirements. It's an error to include more than one kind of credential in a single request. If a method doesn't have any auth requirements, request credentials will be ignored.
               "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential. This flag only applies to HTTP and gRPC requests.
               "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for "Read-only access to Google Calendar" and "Access to Cloud Platform". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions. # The requirements for OAuth credentials.
+                "allowAnyScope": True or False, # UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option.
                 "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read
               },
               "requirements": [ # Requirements for additional authentication providers.
diff --git a/docs/dyn/slides_v1.presentations.html b/docs/dyn/slides_v1.presentations.html
index 0847214e996..0013f68370e 100644
--- a/docs/dyn/slides_v1.presentations.html
+++ b/docs/dyn/slides_v1.presentations.html
@@ -777,1014 +777,7 @@ 
Method Details

           "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
           "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
           "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-          "notesPage": { # A page in a presentation. # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-            "layoutProperties": { # The properties of Page are only relevant for pages with page_type LAYOUT. # Layout specific properties. Only set if page_type = LAYOUT.
-              "displayName": "A String", # The human-readable name of the layout.
-              "masterObjectId": "A String", # The object ID of the master that this layout is based on.
-              "name": "A String", # The name of the layout.
-            },
-            "masterProperties": { # The properties of Page that are only relevant for pages with page_type MASTER. # Master specific properties. Only set if page_type = MASTER.
-              "displayName": "A String", # The human-readable name of the master.
-            },
-            "notesProperties": { # The properties of Page that are only relevant for pages with page_type NOTES. # Notes specific properties. Only set if page_type = NOTES.
-              "speakerNotesObjectId": "A String", # The object ID of the shape on this notes page that contains the speaker notes for the corresponding slide. The actual shape may not always exist on the notes page. Inserting text using this object ID will automatically create the shape. In this case, the actual shape may have different object ID. The `GetPresentation` or `GetPage` action will always return the latest object ID.
-            },
-            "objectId": "A String", # The object ID for this page. Object IDs used by Page and PageElement share the same namespace.
-            "pageElements": [ # The page elements rendered on the page.
-              { # A visual element rendered on a page.
-                "description": "A String", # The description of the page element. Combined with title to display alt text. The field is not supported for Group elements.
-                "elementGroup": { # A PageElement kind representing a joined collection of PageElements. # A collection of page elements joined as a single unit.
-                  "children": [ # The collection of elements in the group. The minimum size of a group is 2.
-                    # Object with schema name: PageElement
-                  ],
-                },
-                "image": { # A PageElement kind representing an image. # An image page element.
-                  "contentUrl": "A String", # An URL to an image with a default lifetime of 30 minutes. This URL is tagged with the account of the requester. Anyone with the URL effectively accesses the image as the original requester. Access to the image may be lost if the presentation's sharing settings change.
-                  "imageProperties": { # The properties of the Image. # The properties of the image.
-                    "brightness": 3.14, # The brightness effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
-                    "contrast": 3.14, # The contrast effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
-                    "cropProperties": { # The crop properties of an object enclosed in a container. For example, an Image. The crop properties is represented by the offsets of four edges which define a crop rectangle. The offsets are measured in percentage from the corresponding edges of the object's original bounding rectangle towards inside, relative to the object's original dimensions. - If the offset is in the interval (0, 1), the corresponding edge of crop rectangle is positioned inside of the object's original bounding rectangle. - If the offset is negative or greater than 1, the corresponding edge of crop rectangle is positioned outside of the object's original bounding rectangle. - If the left edge of the crop rectangle is on the right side of its right edge, the object will be flipped horizontally. - If the top edge of the crop rectangle is below its bottom edge, the object will be flipped vertically. - If all offsets and rotation angle is 0, the object is not cropped. After cropping, the content in the crop rectangle will be stretched to fit its container. # The crop properties of the image. If not set, the image is not cropped. This property is read-only.
-                      "angle": 3.14, # The rotation angle of the crop window around its center, in radians. Rotation angle is applied after the offset.
-                      "bottomOffset": 3.14, # The offset specifies the bottom edge of the crop rectangle that is located above the original bounding rectangle bottom edge, relative to the object's original height.
-                      "leftOffset": 3.14, # The offset specifies the left edge of the crop rectangle that is located to the right of the original bounding rectangle left edge, relative to the object's original width.
-                      "rightOffset": 3.14, # The offset specifies the right edge of the crop rectangle that is located to the left of the original bounding rectangle right edge, relative to the object's original width.
-                      "topOffset": 3.14, # The offset specifies the top edge of the crop rectangle that is located below the original bounding rectangle top edge, relative to the object's original height.
-                    },
-                    "link": { # A hypertext link. # The hyperlink destination of the image. If unset, there is no link.
-                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                    },
-                    "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the image. If not set, the image has no outline.
-                      "dashStyle": "A String", # The dash style of the outline.
-                      "outlineFill": { # The fill of the outline. # The fill of the outline.
-                        "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                          "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                          "color": { # A themeable solid color value. # The color value of the solid fill.
-                            "rgbColor": { # An RGB color. # An opaque RGB color.
-                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                            },
-                            "themeColor": "A String", # An opaque theme color.
-                          },
-                        },
-                      },
-                      "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
-                      "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
-                        "magnitude": 3.14, # The magnitude.
-                        "unit": "A String", # The units for magnitude.
-                      },
-                    },
-                    "recolor": { # A recolor effect applied on an image. # The recolor effect of the image. If not set, the image is not recolored. This property is read-only.
-                      "name": "A String", # The name of the recolor effect. The name is determined from the `recolor_stops` by matching the gradient against the colors in the page's current color scheme. This property is read-only.
-                      "recolorStops": [ # The recolor effect is represented by a gradient, which is a list of color stops. The colors in the gradient will replace the corresponding colors at the same position in the color palette and apply to the image. This property is read-only.
-                        { # A color and position in a gradient band.
-                          "alpha": 3.14, # The alpha value of this color in the gradient band. Defaults to 1.0, fully opaque.
-                          "color": { # A themeable solid color value. # The color of the gradient stop.
-                            "rgbColor": { # An RGB color. # An opaque RGB color.
-                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                            },
-                            "themeColor": "A String", # An opaque theme color.
-                          },
-                          "position": 3.14, # The relative position of the color stop in the gradient band measured in percentage. The value should be in the interval [0.0, 1.0].
-                        },
-                      ],
-                    },
-                    "shadow": { # The shadow properties of a page element. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The shadow of the image. If not set, the image has no shadow. This property is read-only.
-                      "alignment": "A String", # The alignment point of the shadow, that sets the origin for translate, scale and skew of the shadow. This property is read-only.
-                      "alpha": 3.14, # The alpha of the shadow's color, from 0.0 to 1.0.
-                      "blurRadius": { # A magnitude in a single direction in the specified units. # The radius of the shadow blur. The larger the radius, the more diffuse the shadow becomes.
-                        "magnitude": 3.14, # The magnitude.
-                        "unit": "A String", # The units for magnitude.
-                      },
-                      "color": { # A themeable solid color value. # The shadow color value.
-                        "rgbColor": { # An RGB color. # An opaque RGB color.
-                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                        },
-                        "themeColor": "A String", # An opaque theme color.
-                      },
-                      "propertyState": "A String", # The shadow property state. Updating the shadow on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no shadow on a page element, set this field to `NOT_RENDERED`. In this case, any other shadow fields set in the same request will be ignored.
-                      "rotateWithShape": True or False, # Whether the shadow should rotate with the shape. This property is read-only.
-                      "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # Transform that encodes the translate, scale, and skew of the shadow, relative to the alignment position.
-                        "scaleX": 3.14, # The X coordinate scaling element.
-                        "scaleY": 3.14, # The Y coordinate scaling element.
-                        "shearX": 3.14, # The X coordinate shearing element.
-                        "shearY": 3.14, # The Y coordinate shearing element.
-                        "translateX": 3.14, # The X coordinate translation element.
-                        "translateY": 3.14, # The Y coordinate translation element.
-                        "unit": "A String", # The units for translate elements.
-                      },
-                      "type": "A String", # The type of the shadow. This property is read-only.
-                    },
-                    "transparency": 3.14, # The transparency effect of the image. The value should be in the interval [0.0, 1.0], where 0 means no effect and 1 means completely transparent. This property is read-only.
-                  },
-                  "placeholder": { # The placeholder information that uniquely identifies a placeholder shape. # Placeholders are page elements that inherit from corresponding placeholders on layouts and masters. If set, the image is a placeholder image and any inherited properties can be resolved by looking at the parent placeholder identified by the Placeholder.parent_object_id field.
-                    "index": 42, # The index of the placeholder. If the same placeholder types are present in the same page, they would have different index values.
-                    "parentObjectId": "A String", # The object ID of this shape's parent placeholder. If unset, the parent placeholder shape does not exist, so the shape does not inherit properties from any other shape.
-                    "type": "A String", # The type of the placeholder.
-                  },
-                  "sourceUrl": "A String", # The source URL is the URL used to insert the image. The source URL can be empty.
-                },
-                "line": { # A PageElement kind representing a non-connector line, straight connector, curved connector, or bent connector. # A line page element.
-                  "lineCategory": "A String", # The category of the line. It matches the `category` specified in CreateLineRequest, and can be updated with UpdateLineCategoryRequest.
-                  "lineProperties": { # The properties of the Line. When unset, these fields default to values that match the appearance of new lines created in the Slides editor. # The properties of the line.
-                    "dashStyle": "A String", # The dash style of the line.
-                    "endArrow": "A String", # The style of the arrow at the end of the line.
-                    "endConnection": { # The properties for one end of a Line connection. # The connection at the end of the line. If unset, there is no connection. Only lines with a Type indicating it is a "connector" can have an `end_connection`.
-                      "connectedObjectId": "A String", # The object ID of the connected page element. Some page elements, such as groups, tables, and lines do not have connection sites and therefore cannot be connected to a connector line.
-                      "connectionSiteIndex": 42, # The index of the connection site on the connected page element. In most cases, it corresponds to the predefined connection site index from the ECMA-376 standard. More information on those connection sites can be found in the description of the "cnx" attribute in section 20.1.9.9 and Annex H. "Predefined DrawingML Shape and Text Geometries" of "Office Open XML File Formats-Fundamentals and Markup Language Reference", part 1 of [ECMA-376 5th edition] (http://www.ecma-international.org/publications/standards/Ecma-376.htm). The position of each connection site can also be viewed from Slides editor.
-                    },
-                    "lineFill": { # The fill of the line. # The fill of the line. The default line fill matches the defaults for new lines created in the Slides editor.
-                      "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                        "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                        "color": { # A themeable solid color value. # The color value of the solid fill.
-                          "rgbColor": { # An RGB color. # An opaque RGB color.
-                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                          },
-                          "themeColor": "A String", # An opaque theme color.
-                        },
-                      },
-                    },
-                    "link": { # A hypertext link. # The hyperlink destination of the line. If unset, there is no link.
-                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                    },
-                    "startArrow": "A String", # The style of the arrow at the beginning of the line.
-                    "startConnection": { # The properties for one end of a Line connection. # The connection at the beginning of the line. If unset, there is no connection. Only lines with a Type indicating it is a "connector" can have a `start_connection`.
-                      "connectedObjectId": "A String", # The object ID of the connected page element. Some page elements, such as groups, tables, and lines do not have connection sites and therefore cannot be connected to a connector line.
-                      "connectionSiteIndex": 42, # The index of the connection site on the connected page element. In most cases, it corresponds to the predefined connection site index from the ECMA-376 standard. More information on those connection sites can be found in the description of the "cnx" attribute in section 20.1.9.9 and Annex H. "Predefined DrawingML Shape and Text Geometries" of "Office Open XML File Formats-Fundamentals and Markup Language Reference", part 1 of [ECMA-376 5th edition] (http://www.ecma-international.org/publications/standards/Ecma-376.htm). The position of each connection site can also be viewed from Slides editor.
-                    },
-                    "weight": { # A magnitude in a single direction in the specified units. # The thickness of the line.
-                      "magnitude": 3.14, # The magnitude.
-                      "unit": "A String", # The units for magnitude.
-                    },
-                  },
-                  "lineType": "A String", # The type of the line.
-                },
-                "objectId": "A String", # The object ID for this page element. Object IDs used by google.apps.slides.v1.Page and google.apps.slides.v1.PageElement share the same namespace.
-                "shape": { # A PageElement kind representing a generic shape that does not have a more specific classification. # A generic shape.
-                  "placeholder": { # The placeholder information that uniquely identifies a placeholder shape. # Placeholders are page elements that inherit from corresponding placeholders on layouts and masters. If set, the shape is a placeholder shape and any inherited properties can be resolved by looking at the parent placeholder identified by the Placeholder.parent_object_id field.
-                    "index": 42, # The index of the placeholder. If the same placeholder types are present in the same page, they would have different index values.
-                    "parentObjectId": "A String", # The object ID of this shape's parent placeholder. If unset, the parent placeholder shape does not exist, so the shape does not inherit properties from any other shape.
-                    "type": "A String", # The type of the placeholder.
-                  },
-                  "shapeProperties": { # The properties of a Shape. If the shape is a placeholder shape as determined by the placeholder field, then these properties may be inherited from a parent placeholder shape. Determining the rendered value of the property depends on the corresponding property_state field value. Any text autofit settings on the shape are automatically deactivated by requests that can impact how text fits in the shape. # The properties of the shape.
-                    "autofit": { # The autofit properties of a Shape. # The autofit properties of the shape. This property is only set for shapes that allow text.
-                      "autofitType": "A String", # The autofit type of the shape. If the autofit type is AUTOFIT_TYPE_UNSPECIFIED, the autofit type is inherited from a parent placeholder if it exists. The field is automatically set to NONE if a request is made that might affect text fitting within its bounding text box. In this case the font_scale is applied to the font_size and the line_spacing_reduction is applied to the line_spacing. Both properties are also reset to default values.
-                      "fontScale": 3.14, # The font scale applied to the shape. For shapes with autofit_type NONE or SHAPE_AUTOFIT, this value is the default value of 1. For TEXT_AUTOFIT, this value multiplied by the font_size gives the font size that is rendered in the editor. This property is read-only.
-                      "lineSpacingReduction": 3.14, # The line spacing reduction applied to the shape. For shapes with autofit_type NONE or SHAPE_AUTOFIT, this value is the default value of 0. For TEXT_AUTOFIT, this value subtracted from the line_spacing gives the line spacing that is rendered in the editor. This property is read-only.
-                    },
-                    "contentAlignment": "A String", # The alignment of the content in the shape. If unspecified, the alignment is inherited from a parent placeholder if it exists. If the shape has no parent, the default alignment matches the alignment for new shapes created in the Slides editor.
-                    "link": { # A hypertext link. # The hyperlink destination of the shape. If unset, there is no link. Links are not inherited from parent placeholders.
-                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                    },
-                    "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the shape. If unset, the outline is inherited from a parent placeholder if it exists. If the shape has no parent, then the default outline depends on the shape type, matching the defaults for new shapes created in the Slides editor.
-                      "dashStyle": "A String", # The dash style of the outline.
-                      "outlineFill": { # The fill of the outline. # The fill of the outline.
-                        "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                          "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                          "color": { # A themeable solid color value. # The color value of the solid fill.
-                            "rgbColor": { # An RGB color. # An opaque RGB color.
-                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                            },
-                            "themeColor": "A String", # An opaque theme color.
-                          },
-                        },
-                      },
-                      "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
-                      "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
-                        "magnitude": 3.14, # The magnitude.
-                        "unit": "A String", # The units for magnitude.
-                      },
-                    },
-                    "shadow": { # The shadow properties of a page element. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The shadow properties of the shape. If unset, the shadow is inherited from a parent placeholder if it exists. If the shape has no parent, then the default shadow matches the defaults for new shapes created in the Slides editor. This property is read-only.
-                      "alignment": "A String", # The alignment point of the shadow, that sets the origin for translate, scale and skew of the shadow. This property is read-only.
-                      "alpha": 3.14, # The alpha of the shadow's color, from 0.0 to 1.0.
-                      "blurRadius": { # A magnitude in a single direction in the specified units. # The radius of the shadow blur. The larger the radius, the more diffuse the shadow becomes.
-                        "magnitude": 3.14, # The magnitude.
-                        "unit": "A String", # The units for magnitude.
-                      },
-                      "color": { # A themeable solid color value. # The shadow color value.
-                        "rgbColor": { # An RGB color. # An opaque RGB color.
-                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                        },
-                        "themeColor": "A String", # An opaque theme color.
-                      },
-                      "propertyState": "A String", # The shadow property state. Updating the shadow on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no shadow on a page element, set this field to `NOT_RENDERED`. In this case, any other shadow fields set in the same request will be ignored.
-                      "rotateWithShape": True or False, # Whether the shadow should rotate with the shape. This property is read-only.
-                      "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # Transform that encodes the translate, scale, and skew of the shadow, relative to the alignment position.
-                        "scaleX": 3.14, # The X coordinate scaling element.
-                        "scaleY": 3.14, # The Y coordinate scaling element.
-                        "shearX": 3.14, # The X coordinate shearing element.
-                        "shearY": 3.14, # The Y coordinate shearing element.
-                        "translateX": 3.14, # The X coordinate translation element.
-                        "translateY": 3.14, # The Y coordinate translation element.
-                        "unit": "A String", # The units for translate elements.
-                      },
-                      "type": "A String", # The type of the shadow. This property is read-only.
-                    },
-                    "shapeBackgroundFill": { # The shape background fill. # The background fill of the shape. If unset, the background fill is inherited from a parent placeholder if it exists. If the shape has no parent, then the default background fill depends on the shape type, matching the defaults for new shapes created in the Slides editor.
-                      "propertyState": "A String", # The background fill property state. Updating the fill on a shape will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no fill on a shape, set this field to `NOT_RENDERED`. In this case, any other fill fields set in the same request will be ignored.
-                      "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                        "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                        "color": { # A themeable solid color value. # The color value of the solid fill.
-                          "rgbColor": { # An RGB color. # An opaque RGB color.
-                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                          },
-                          "themeColor": "A String", # An opaque theme color.
-                        },
-                      },
-                    },
-                  },
-                  "shapeType": "A String", # The type of the shape.
-                  "text": { # The general text content. The text must reside in a compatible shape (e.g. text box or rectangle) or a table cell in a page. # The text content of the shape.
-                    "lists": { # The bulleted lists contained in this text, keyed by list ID.
-                      "a_key": { # A List describes the look and feel of bullets belonging to paragraphs associated with a list. A paragraph that is part of a list has an implicit reference to that list's ID.
-                        "listId": "A String", # The ID of the list.
-                        "nestingLevel": { # A map of nesting levels to the properties of bullets at the associated level. A list has at most nine levels of nesting, so the possible values for the keys of this map are 0 through 8, inclusive.
-                          "a_key": { # Contains properties describing the look and feel of a list bullet at a given level of nesting.
-                            "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The style of a bullet at this level of nesting.
-                              "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                  "rgbColor": { # An RGB color. # An opaque RGB color.
-                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                  },
-                                  "themeColor": "A String", # An opaque theme color.
-                                },
-                              },
-                              "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                              "bold": True or False, # Whether or not the text is rendered as bold.
-                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                              "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                                "magnitude": 3.14, # The magnitude.
-                                "unit": "A String", # The units for magnitude.
-                              },
-                              "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                  "rgbColor": { # An RGB color. # An opaque RGB color.
-                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                  },
-                                  "themeColor": "A String", # An opaque theme color.
-                                },
-                              },
-                              "italic": True or False, # Whether or not the text is italicized.
-                              "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                                "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                                "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                                "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                                "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                              },
-                              "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                              "strikethrough": True or False, # Whether or not the text is struck through.
-                              "underline": True or False, # Whether or not the text is underlined.
-                              "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                                "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                                "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                              },
-                            },
-                          },
-                        },
-                      },
-                    },
-                    "textElements": [ # The text contents broken down into its component parts, including styling information. This property is read-only.
-                      { # A TextElement describes the content of a range of indices in the text content of a Shape or TableCell.
-                        "autoText": { # A TextElement kind that represents auto text. # A TextElement representing a spot in the text that is dynamically replaced with content that can change over time.
-                          "content": "A String", # The rendered content of this auto text, if available.
-                          "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this auto text.
-                            "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                "rgbColor": { # An RGB color. # An opaque RGB color.
-                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                },
-                                "themeColor": "A String", # An opaque theme color.
-                              },
-                            },
-                            "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                            "bold": True or False, # Whether or not the text is rendered as bold.
-                            "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                            "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                            "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                "rgbColor": { # An RGB color. # An opaque RGB color.
-                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                },
-                                "themeColor": "A String", # An opaque theme color.
-                              },
-                            },
-                            "italic": True or False, # Whether or not the text is italicized.
-                            "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                              "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                              "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                              "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                              "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                            },
-                            "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                            "strikethrough": True or False, # Whether or not the text is struck through.
-                            "underline": True or False, # Whether or not the text is underlined.
-                            "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                              "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                            },
-                          },
-                          "type": "A String", # The type of this auto text.
-                        },
-                        "endIndex": 42, # The zero-based end index of this text element, exclusive, in Unicode code units.
-                        "paragraphMarker": { # A TextElement kind that represents the beginning of a new paragraph. # A marker representing the beginning of a new paragraph. The `start_index` and `end_index` of this TextElement represent the range of the paragraph. Other TextElements with an index range contained inside this paragraph's range are considered to be part of this paragraph. The range of indices of two separate paragraphs will never overlap.
-                          "bullet": { # Describes the bullet of a paragraph. # The bullet for this paragraph. If not present, the paragraph does not belong to a list.
-                            "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The paragraph specific text style applied to this bullet.
-                              "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                  "rgbColor": { # An RGB color. # An opaque RGB color.
-                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                  },
-                                  "themeColor": "A String", # An opaque theme color.
-                                },
-                              },
-                              "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                              "bold": True or False, # Whether or not the text is rendered as bold.
-                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                              "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                                "magnitude": 3.14, # The magnitude.
-                                "unit": "A String", # The units for magnitude.
-                              },
-                              "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                  "rgbColor": { # An RGB color. # An opaque RGB color.
-                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                  },
-                                  "themeColor": "A String", # An opaque theme color.
-                                },
-                              },
-                              "italic": True or False, # Whether or not the text is italicized.
-                              "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                                "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                                "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                                "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                                "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                              },
-                              "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                              "strikethrough": True or False, # Whether or not the text is struck through.
-                              "underline": True or False, # Whether or not the text is underlined.
-                              "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                                "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                                "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                              },
-                            },
-                            "glyph": "A String", # The rendered bullet glyph for this paragraph.
-                            "listId": "A String", # The ID of the list this paragraph belongs to.
-                            "nestingLevel": 42, # The nesting level of this paragraph in the list.
-                          },
-                          "style": { # Styles that apply to a whole paragraph. If this text is contained in a shape with a parent placeholder, then these paragraph styles may be inherited from the parent. Which paragraph styles are inherited depend on the nesting level of lists: * A paragraph not in a list will inherit its paragraph style from the paragraph at the 0 nesting level of the list inside the parent placeholder. * A paragraph in a list will inherit its paragraph style from the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited paragraph styles are represented as unset fields in this message. # The paragraph's style
-                            "alignment": "A String", # The text alignment for this paragraph.
-                            "direction": "A String", # The text direction of this paragraph. If unset, the value defaults to LEFT_TO_RIGHT since text direction is not inherited.
-                            "indentEnd": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the end of the text, based on the current text direction. If unset, the value is inherited from the parent.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                            "indentFirstLine": { # A magnitude in a single direction in the specified units. # The amount of indentation for the start of the first line of the paragraph. If unset, the value is inherited from the parent.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                            "indentStart": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the start of the text, based on the current text direction. If unset, the value is inherited from the parent.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                            "lineSpacing": 3.14, # The amount of space between lines, as a percentage of normal, where normal is represented as 100.0. If unset, the value is inherited from the parent.
-                            "spaceAbove": { # A magnitude in a single direction in the specified units. # The amount of extra space above the paragraph. If unset, the value is inherited from the parent.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                            "spaceBelow": { # A magnitude in a single direction in the specified units. # The amount of extra space below the paragraph. If unset, the value is inherited from the parent.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                            "spacingMode": "A String", # The spacing mode for the paragraph.
-                          },
-                        },
-                        "startIndex": 42, # The zero-based start index of this text element, in Unicode code units.
-                        "textRun": { # A TextElement kind that represents a run of text that all has the same styling. # A TextElement representing a run of text where all of the characters in the run have the same TextStyle. The `start_index` and `end_index` of TextRuns will always be fully contained in the index range of a single `paragraph_marker` TextElement. In other words, a TextRun will never span multiple paragraphs.
-                          "content": "A String", # The text of this run.
-                          "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this run.
-                            "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                "rgbColor": { # An RGB color. # An opaque RGB color.
-                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                },
-                                "themeColor": "A String", # An opaque theme color.
-                              },
-                            },
-                            "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                            "bold": True or False, # Whether or not the text is rendered as bold.
-                            "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                            "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                            "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                "rgbColor": { # An RGB color. # An opaque RGB color.
-                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                },
-                                "themeColor": "A String", # An opaque theme color.
-                              },
-                            },
-                            "italic": True or False, # Whether or not the text is italicized.
-                            "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                              "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                              "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                              "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                              "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                            },
-                            "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                            "strikethrough": True or False, # Whether or not the text is struck through.
-                            "underline": True or False, # Whether or not the text is underlined.
-                            "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                              "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                            },
-                          },
-                        },
-                      },
-                    ],
-                  },
-                },
-                "sheetsChart": { # A PageElement kind representing a linked chart embedded from Google Sheets. # A linked chart embedded from Google Sheets. Unlinked charts are represented as images.
-                  "chartId": 42, # The ID of the specific chart in the Google Sheets spreadsheet that is embedded.
-                  "contentUrl": "A String", # The URL of an image of the embedded chart, with a default lifetime of 30 minutes. This URL is tagged with the account of the requester. Anyone with the URL effectively accesses the image as the original requester. Access to the image may be lost if the presentation's sharing settings change.
-                  "sheetsChartProperties": { # The properties of the SheetsChart. # The properties of the Sheets chart.
-                    "chartImageProperties": { # The properties of the Image. # The properties of the embedded chart image.
-                      "brightness": 3.14, # The brightness effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
-                      "contrast": 3.14, # The contrast effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
-                      "cropProperties": { # The crop properties of an object enclosed in a container. For example, an Image. The crop properties is represented by the offsets of four edges which define a crop rectangle. The offsets are measured in percentage from the corresponding edges of the object's original bounding rectangle towards inside, relative to the object's original dimensions. - If the offset is in the interval (0, 1), the corresponding edge of crop rectangle is positioned inside of the object's original bounding rectangle. - If the offset is negative or greater than 1, the corresponding edge of crop rectangle is positioned outside of the object's original bounding rectangle. - If the left edge of the crop rectangle is on the right side of its right edge, the object will be flipped horizontally. - If the top edge of the crop rectangle is below its bottom edge, the object will be flipped vertically. - If all offsets and rotation angle is 0, the object is not cropped. After cropping, the content in the crop rectangle will be stretched to fit its container. # The crop properties of the image. If not set, the image is not cropped. This property is read-only.
-                        "angle": 3.14, # The rotation angle of the crop window around its center, in radians. Rotation angle is applied after the offset.
-                        "bottomOffset": 3.14, # The offset specifies the bottom edge of the crop rectangle that is located above the original bounding rectangle bottom edge, relative to the object's original height.
-                        "leftOffset": 3.14, # The offset specifies the left edge of the crop rectangle that is located to the right of the original bounding rectangle left edge, relative to the object's original width.
-                        "rightOffset": 3.14, # The offset specifies the right edge of the crop rectangle that is located to the left of the original bounding rectangle right edge, relative to the object's original width.
-                        "topOffset": 3.14, # The offset specifies the top edge of the crop rectangle that is located below the original bounding rectangle top edge, relative to the object's original height.
-                      },
-                      "link": { # A hypertext link. # The hyperlink destination of the image. If unset, there is no link.
-                        "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                        "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                        "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                        "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                      },
-                      "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the image. If not set, the image has no outline.
-                        "dashStyle": "A String", # The dash style of the outline.
-                        "outlineFill": { # The fill of the outline. # The fill of the outline.
-                          "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                            "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                            "color": { # A themeable solid color value. # The color value of the solid fill.
-                              "rgbColor": { # An RGB color. # An opaque RGB color.
-                                "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                              },
-                              "themeColor": "A String", # An opaque theme color.
-                            },
-                          },
-                        },
-                        "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
-                        "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
-                          "magnitude": 3.14, # The magnitude.
-                          "unit": "A String", # The units for magnitude.
-                        },
-                      },
-                      "recolor": { # A recolor effect applied on an image. # The recolor effect of the image. If not set, the image is not recolored. This property is read-only.
-                        "name": "A String", # The name of the recolor effect. The name is determined from the `recolor_stops` by matching the gradient against the colors in the page's current color scheme. This property is read-only.
-                        "recolorStops": [ # The recolor effect is represented by a gradient, which is a list of color stops. The colors in the gradient will replace the corresponding colors at the same position in the color palette and apply to the image. This property is read-only.
-                          { # A color and position in a gradient band.
-                            "alpha": 3.14, # The alpha value of this color in the gradient band. Defaults to 1.0, fully opaque.
-                            "color": { # A themeable solid color value. # The color of the gradient stop.
-                              "rgbColor": { # An RGB color. # An opaque RGB color.
-                                "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                              },
-                              "themeColor": "A String", # An opaque theme color.
-                            },
-                            "position": 3.14, # The relative position of the color stop in the gradient band measured in percentage. The value should be in the interval [0.0, 1.0].
-                          },
-                        ],
-                      },
-                      "shadow": { # The shadow properties of a page element. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The shadow of the image. If not set, the image has no shadow. This property is read-only.
-                        "alignment": "A String", # The alignment point of the shadow, that sets the origin for translate, scale and skew of the shadow. This property is read-only.
-                        "alpha": 3.14, # The alpha of the shadow's color, from 0.0 to 1.0.
-                        "blurRadius": { # A magnitude in a single direction in the specified units. # The radius of the shadow blur. The larger the radius, the more diffuse the shadow becomes.
-                          "magnitude": 3.14, # The magnitude.
-                          "unit": "A String", # The units for magnitude.
-                        },
-                        "color": { # A themeable solid color value. # The shadow color value.
-                          "rgbColor": { # An RGB color. # An opaque RGB color.
-                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                          },
-                          "themeColor": "A String", # An opaque theme color.
-                        },
-                        "propertyState": "A String", # The shadow property state. Updating the shadow on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no shadow on a page element, set this field to `NOT_RENDERED`. In this case, any other shadow fields set in the same request will be ignored.
-                        "rotateWithShape": True or False, # Whether the shadow should rotate with the shape. This property is read-only.
-                        "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # Transform that encodes the translate, scale, and skew of the shadow, relative to the alignment position.
-                          "scaleX": 3.14, # The X coordinate scaling element.
-                          "scaleY": 3.14, # The Y coordinate scaling element.
-                          "shearX": 3.14, # The X coordinate shearing element.
-                          "shearY": 3.14, # The Y coordinate shearing element.
-                          "translateX": 3.14, # The X coordinate translation element.
-                          "translateY": 3.14, # The Y coordinate translation element.
-                          "unit": "A String", # The units for translate elements.
-                        },
-                        "type": "A String", # The type of the shadow. This property is read-only.
-                      },
-                      "transparency": 3.14, # The transparency effect of the image. The value should be in the interval [0.0, 1.0], where 0 means no effect and 1 means completely transparent. This property is read-only.
-                    },
-                  },
-                  "spreadsheetId": "A String", # The ID of the Google Sheets spreadsheet that contains the source chart.
-                },
-                "size": { # A width and height. # The size of the page element.
-                  "height": { # A magnitude in a single direction in the specified units. # The height of the object.
-                    "magnitude": 3.14, # The magnitude.
-                    "unit": "A String", # The units for magnitude.
-                  },
-                  "width": { # A magnitude in a single direction in the specified units. # The width of the object.
-                    "magnitude": 3.14, # The magnitude.
-                    "unit": "A String", # The units for magnitude.
-                  },
-                },
-                "table": { # A PageElement kind representing a table. # A table page element.
-                  "columns": 42, # Number of columns in the table.
-                  "horizontalBorderRows": [ # Properties of horizontal cell borders. A table's horizontal cell borders are represented as a grid. The grid has one more row than the number of rows in the table and the same number of columns as the table. For example, if the table is 3 x 3, its horizontal borders will be represented as a grid with 4 rows and 3 columns.
-                    { # Contents of each border row in a table.
-                      "tableBorderCells": [ # Properties of each border cell. When a border's adjacent table cells are merged, it is not included in the response.
-                        { # The properties of each border cell.
-                          "location": { # A location of a single table cell within a table. # The location of the border within the border table.
-                            "columnIndex": 42, # The 0-based column index.
-                            "rowIndex": 42, # The 0-based row index.
-                          },
-                          "tableBorderProperties": { # The border styling properties of the TableBorderCell. # The border properties.
-                            "dashStyle": "A String", # The dash style of the border.
-                            "tableBorderFill": { # The fill of the border. # The fill of the table border.
-                              "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid fill.
-                                "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                                "color": { # A themeable solid color value. # The color value of the solid fill.
-                                  "rgbColor": { # An RGB color. # An opaque RGB color.
-                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                  },
-                                  "themeColor": "A String", # An opaque theme color.
-                                },
-                              },
-                            },
-                            "weight": { # A magnitude in a single direction in the specified units. # The thickness of the border.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                          },
-                        },
-                      ],
-                    },
-                  ],
-                  "rows": 42, # Number of rows in the table.
-                  "tableColumns": [ # Properties of each column.
-                    { # Properties of each column in a table.
-                      "columnWidth": { # A magnitude in a single direction in the specified units. # Width of a column.
-                        "magnitude": 3.14, # The magnitude.
-                        "unit": "A String", # The units for magnitude.
-                      },
-                    },
-                  ],
-                  "tableRows": [ # Properties and contents of each row. Cells that span multiple rows are contained in only one of these rows and have a row_span greater than 1.
-                    { # Properties and contents of each row in a table.
-                      "rowHeight": { # A magnitude in a single direction in the specified units. # Height of a row.
-                        "magnitude": 3.14, # The magnitude.
-                        "unit": "A String", # The units for magnitude.
-                      },
-                      "tableCells": [ # Properties and contents of each cell. Cells that span multiple columns are represented only once with a column_span greater than 1. As a result, the length of this collection does not always match the number of columns of the entire table.
-                        { # Properties and contents of each table cell.
-                          "columnSpan": 42, # Column span of the cell.
-                          "location": { # A location of a single table cell within a table. # The location of the cell within the table.
-                            "columnIndex": 42, # The 0-based column index.
-                            "rowIndex": 42, # The 0-based row index.
-                          },
-                          "rowSpan": 42, # Row span of the cell.
-                          "tableCellProperties": { # The properties of the TableCell. # The properties of the table cell.
-                            "contentAlignment": "A String", # The alignment of the content in the table cell. The default alignment matches the alignment for newly created table cells in the Slides editor.
-                            "tableCellBackgroundFill": { # The table cell background fill. # The background fill of the table cell. The default fill matches the fill for newly created table cells in the Slides editor.
-                              "propertyState": "A String", # The background fill property state. Updating the fill on a table cell will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no fill on a table cell, set this field to `NOT_RENDERED`. In this case, any other fill fields set in the same request will be ignored.
-                              "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                                "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                                "color": { # A themeable solid color value. # The color value of the solid fill.
-                                  "rgbColor": { # An RGB color. # An opaque RGB color.
-                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                  },
-                                  "themeColor": "A String", # An opaque theme color.
-                                },
-                              },
-                            },
-                          },
-                          "text": { # The general text content. The text must reside in a compatible shape (e.g. text box or rectangle) or a table cell in a page. # The text content of the cell.
-                            "lists": { # The bulleted lists contained in this text, keyed by list ID.
-                              "a_key": { # A List describes the look and feel of bullets belonging to paragraphs associated with a list. A paragraph that is part of a list has an implicit reference to that list's ID.
-                                "listId": "A String", # The ID of the list.
-                                "nestingLevel": { # A map of nesting levels to the properties of bullets at the associated level. A list has at most nine levels of nesting, so the possible values for the keys of this map are 0 through 8, inclusive.
-                                  "a_key": { # Contains properties describing the look and feel of a list bullet at a given level of nesting.
-                                    "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The style of a bullet at this level of nesting.
-                                      "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                          "rgbColor": { # An RGB color. # An opaque RGB color.
-                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                          },
-                                          "themeColor": "A String", # An opaque theme color.
-                                        },
-                                      },
-                                      "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                                      "bold": True or False, # Whether or not the text is rendered as bold.
-                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                                      "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                                        "magnitude": 3.14, # The magnitude.
-                                        "unit": "A String", # The units for magnitude.
-                                      },
-                                      "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                          "rgbColor": { # An RGB color. # An opaque RGB color.
-                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                          },
-                                          "themeColor": "A String", # An opaque theme color.
-                                        },
-                                      },
-                                      "italic": True or False, # Whether or not the text is italicized.
-                                      "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                                        "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                                        "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                                        "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                                        "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                                      },
-                                      "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                                      "strikethrough": True or False, # Whether or not the text is struck through.
-                                      "underline": True or False, # Whether or not the text is underlined.
-                                      "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                                        "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                                        "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                                      },
-                                    },
-                                  },
-                                },
-                              },
-                            },
-                            "textElements": [ # The text contents broken down into its component parts, including styling information. This property is read-only.
-                              { # A TextElement describes the content of a range of indices in the text content of a Shape or TableCell.
-                                "autoText": { # A TextElement kind that represents auto text. # A TextElement representing a spot in the text that is dynamically replaced with content that can change over time.
-                                  "content": "A String", # The rendered content of this auto text, if available.
-                                  "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this auto text.
-                                    "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                        "rgbColor": { # An RGB color. # An opaque RGB color.
-                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                        },
-                                        "themeColor": "A String", # An opaque theme color.
-                                      },
-                                    },
-                                    "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                                    "bold": True or False, # Whether or not the text is rendered as bold.
-                                    "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                                    "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                                      "magnitude": 3.14, # The magnitude.
-                                      "unit": "A String", # The units for magnitude.
-                                    },
-                                    "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                        "rgbColor": { # An RGB color. # An opaque RGB color.
-                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                        },
-                                        "themeColor": "A String", # An opaque theme color.
-                                      },
-                                    },
-                                    "italic": True or False, # Whether or not the text is italicized.
-                                    "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                                    },
-                                    "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                                    "strikethrough": True or False, # Whether or not the text is struck through.
-                                    "underline": True or False, # Whether or not the text is underlined.
-                                    "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                                      "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                                    },
-                                  },
-                                  "type": "A String", # The type of this auto text.
-                                },
-                                "endIndex": 42, # The zero-based end index of this text element, exclusive, in Unicode code units.
-                                "paragraphMarker": { # A TextElement kind that represents the beginning of a new paragraph. # A marker representing the beginning of a new paragraph. The `start_index` and `end_index` of this TextElement represent the range of the paragraph. Other TextElements with an index range contained inside this paragraph's range are considered to be part of this paragraph. The range of indices of two separate paragraphs will never overlap.
-                                  "bullet": { # Describes the bullet of a paragraph. # The bullet for this paragraph. If not present, the paragraph does not belong to a list.
-                                    "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The paragraph specific text style applied to this bullet.
-                                      "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                          "rgbColor": { # An RGB color. # An opaque RGB color.
-                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                          },
-                                          "themeColor": "A String", # An opaque theme color.
-                                        },
-                                      },
-                                      "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                                      "bold": True or False, # Whether or not the text is rendered as bold.
-                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                                      "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                                        "magnitude": 3.14, # The magnitude.
-                                        "unit": "A String", # The units for magnitude.
-                                      },
-                                      "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                          "rgbColor": { # An RGB color. # An opaque RGB color.
-                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                          },
-                                          "themeColor": "A String", # An opaque theme color.
-                                        },
-                                      },
-                                      "italic": True or False, # Whether or not the text is italicized.
-                                      "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                                        "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                                        "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                                        "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                                        "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                                      },
-                                      "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                                      "strikethrough": True or False, # Whether or not the text is struck through.
-                                      "underline": True or False, # Whether or not the text is underlined.
-                                      "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                                        "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                                        "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                                      },
-                                    },
-                                    "glyph": "A String", # The rendered bullet glyph for this paragraph.
-                                    "listId": "A String", # The ID of the list this paragraph belongs to.
-                                    "nestingLevel": 42, # The nesting level of this paragraph in the list.
-                                  },
-                                  "style": { # Styles that apply to a whole paragraph. If this text is contained in a shape with a parent placeholder, then these paragraph styles may be inherited from the parent. Which paragraph styles are inherited depend on the nesting level of lists: * A paragraph not in a list will inherit its paragraph style from the paragraph at the 0 nesting level of the list inside the parent placeholder. * A paragraph in a list will inherit its paragraph style from the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited paragraph styles are represented as unset fields in this message. # The paragraph's style
-                                    "alignment": "A String", # The text alignment for this paragraph.
-                                    "direction": "A String", # The text direction of this paragraph. If unset, the value defaults to LEFT_TO_RIGHT since text direction is not inherited.
-                                    "indentEnd": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the end of the text, based on the current text direction. If unset, the value is inherited from the parent.
-                                      "magnitude": 3.14, # The magnitude.
-                                      "unit": "A String", # The units for magnitude.
-                                    },
-                                    "indentFirstLine": { # A magnitude in a single direction in the specified units. # The amount of indentation for the start of the first line of the paragraph. If unset, the value is inherited from the parent.
-                                      "magnitude": 3.14, # The magnitude.
-                                      "unit": "A String", # The units for magnitude.
-                                    },
-                                    "indentStart": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the start of the text, based on the current text direction. If unset, the value is inherited from the parent.
-                                      "magnitude": 3.14, # The magnitude.
-                                      "unit": "A String", # The units for magnitude.
-                                    },
-                                    "lineSpacing": 3.14, # The amount of space between lines, as a percentage of normal, where normal is represented as 100.0. If unset, the value is inherited from the parent.
-                                    "spaceAbove": { # A magnitude in a single direction in the specified units. # The amount of extra space above the paragraph. If unset, the value is inherited from the parent.
-                                      "magnitude": 3.14, # The magnitude.
-                                      "unit": "A String", # The units for magnitude.
-                                    },
-                                    "spaceBelow": { # A magnitude in a single direction in the specified units. # The amount of extra space below the paragraph. If unset, the value is inherited from the parent.
-                                      "magnitude": 3.14, # The magnitude.
-                                      "unit": "A String", # The units for magnitude.
-                                    },
-                                    "spacingMode": "A String", # The spacing mode for the paragraph.
-                                  },
-                                },
-                                "startIndex": 42, # The zero-based start index of this text element, in Unicode code units.
-                                "textRun": { # A TextElement kind that represents a run of text that all has the same styling. # A TextElement representing a run of text where all of the characters in the run have the same TextStyle. The `start_index` and `end_index` of TextRuns will always be fully contained in the index range of a single `paragraph_marker` TextElement. In other words, a TextRun will never span multiple paragraphs.
-                                  "content": "A String", # The text of this run.
-                                  "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this run.
-                                    "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                        "rgbColor": { # An RGB color. # An opaque RGB color.
-                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                        },
-                                        "themeColor": "A String", # An opaque theme color.
-                                      },
-                                    },
-                                    "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
-                                    "bold": True or False, # Whether or not the text is rendered as bold.
-                                    "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
-                                    "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
-                                      "magnitude": 3.14, # The magnitude.
-                                      "unit": "A String", # The units for magnitude.
-                                    },
-                                    "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
-                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
-                                        "rgbColor": { # An RGB color. # An opaque RGB color.
-                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                        },
-                                        "themeColor": "A String", # An opaque theme color.
-                                      },
-                                    },
-                                    "italic": True or False, # Whether or not the text is italicized.
-                                    "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
-                                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
-                                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
-                                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
-                                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
-                                    },
-                                    "smallCaps": True or False, # Whether or not the text is in small capital letters.
-                                    "strikethrough": True or False, # Whether or not the text is struck through.
-                                    "underline": True or False, # Whether or not the text is underlined.
-                                    "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
-                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
-                                      "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
-                                    },
-                                  },
-                                },
-                              },
-                            ],
-                          },
-                        },
-                      ],
-                      "tableRowProperties": { # Properties of each row in a table. # Properties of the row.
-                        "minRowHeight": { # A magnitude in a single direction in the specified units. # Minimum height of the row. The row will be rendered in the Slides editor at a height equal to or greater than this value in order to show all the text in the row's cell(s).
-                          "magnitude": 3.14, # The magnitude.
-                          "unit": "A String", # The units for magnitude.
-                        },
-                      },
-                    },
-                  ],
-                  "verticalBorderRows": [ # Properties of vertical cell borders. A table's vertical cell borders are represented as a grid. The grid has the same number of rows as the table and one more column than the number of columns in the table. For example, if the table is 3 x 3, its vertical borders will be represented as a grid with 3 rows and 4 columns.
-                    { # Contents of each border row in a table.
-                      "tableBorderCells": [ # Properties of each border cell. When a border's adjacent table cells are merged, it is not included in the response.
-                        { # The properties of each border cell.
-                          "location": { # A location of a single table cell within a table. # The location of the border within the border table.
-                            "columnIndex": 42, # The 0-based column index.
-                            "rowIndex": 42, # The 0-based row index.
-                          },
-                          "tableBorderProperties": { # The border styling properties of the TableBorderCell. # The border properties.
-                            "dashStyle": "A String", # The dash style of the border.
-                            "tableBorderFill": { # The fill of the border. # The fill of the table border.
-                              "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid fill.
-                                "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                                "color": { # A themeable solid color value. # The color value of the solid fill.
-                                  "rgbColor": { # An RGB color. # An opaque RGB color.
-                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                                  },
-                                  "themeColor": "A String", # An opaque theme color.
-                                },
-                              },
-                            },
-                            "weight": { # A magnitude in a single direction in the specified units. # The thickness of the border.
-                              "magnitude": 3.14, # The magnitude.
-                              "unit": "A String", # The units for magnitude.
-                            },
-                          },
-                        },
-                      ],
-                    },
-                  ],
-                },
-                "title": "A String", # The title of the page element. Combined with description to display alt text. The field is not supported for Group elements.
-                "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # The transform of the page element. The visual appearance of the page element is determined by its absolute transform. To compute the absolute transform, preconcatenate a page element's transform with the transforms of all of its parent groups. If the page element is not in a group, its absolute transform is the same as the value in this field. The initial transform for the newly created Group is always the identity transform.
-                  "scaleX": 3.14, # The X coordinate scaling element.
-                  "scaleY": 3.14, # The Y coordinate scaling element.
-                  "shearX": 3.14, # The X coordinate shearing element.
-                  "shearY": 3.14, # The Y coordinate shearing element.
-                  "translateX": 3.14, # The X coordinate translation element.
-                  "translateY": 3.14, # The Y coordinate translation element.
-                  "unit": "A String", # The units for translate elements.
-                },
-                "video": { # A PageElement kind representing a video. # A video page element.
-                  "id": "A String", # The video source's unique identifier for this video.
-                  "source": "A String", # The video source.
-                  "url": "A String", # An URL to a video. The URL is valid as long as the source video exists and sharing settings do not change.
-                  "videoProperties": { # The properties of the Video. # The properties of the video.
-                    "autoPlay": True or False, # Whether to enable video autoplay when the page is displayed in present mode. Defaults to false.
-                    "end": 42, # The time at which to end playback, measured in seconds from the beginning of the video. If set, the end time should be after the start time. If not set or if you set this to a value that exceeds the video's length, the video will be played until its end.
-                    "mute": True or False, # Whether to mute the audio during video playback. Defaults to false.
-                    "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the video. The default outline matches the defaults for new videos created in the Slides editor.
-                      "dashStyle": "A String", # The dash style of the outline.
-                      "outlineFill": { # The fill of the outline. # The fill of the outline.
-                        "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                          "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                          "color": { # A themeable solid color value. # The color value of the solid fill.
-                            "rgbColor": { # An RGB color. # An opaque RGB color.
-                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                            },
-                            "themeColor": "A String", # An opaque theme color.
-                          },
-                        },
-                      },
-                      "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
-                      "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
-                        "magnitude": 3.14, # The magnitude.
-                        "unit": "A String", # The units for magnitude.
-                      },
-                    },
-                    "start": 42, # The time at which to start playback, measured in seconds from the beginning of the video. If set, the start time should be before the end time. If you set this to a value that exceeds the video's length in seconds, the video will be played from the last second. If not set, the video will be played from the beginning.
-                  },
-                },
-                "wordArt": { # A PageElement kind representing word art. # A word art page element.
-                  "renderedText": "A String", # The text rendered as word art.
-                },
-              },
-            ],
-            "pageProperties": { # The properties of the Page. The page will inherit properties from the parent page. Depending on the page type the hierarchy is defined in either SlideProperties or LayoutProperties. # The properties of the page.
-              "colorScheme": { # The palette of predefined colors for a page. # The color scheme of the page. If unset, the color scheme is inherited from a parent page. If the page has no parent, the color scheme uses a default Slides color scheme, matching the defaults in the Slides editor. Only the concrete colors of the first 12 ThemeColorTypes are editable. In addition, only the color scheme on `Master` pages can be updated. To update the field, a color scheme containing mappings from all the first 12 ThemeColorTypes to their concrete colors must be provided. Colors for the remaining ThemeColorTypes will be ignored.
-                "colors": [ # The ThemeColorType and corresponding concrete color pairs.
-                  { # A pair mapping a theme color type to the concrete color it represents.
-                    "color": { # An RGB color. # The concrete color corresponding to the theme color type above.
-                      "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                      "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                      "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                    },
-                    "type": "A String", # The type of the theme color.
-                  },
-                ],
-              },
-              "pageBackgroundFill": { # The page background fill. # The background fill of the page. If unset, the background fill is inherited from a parent page if it exists. If the page has no parent, then the background fill defaults to the corresponding fill in the Slides editor.
-                "propertyState": "A String", # The background fill property state. Updating the fill on a page will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no fill on a page, set this field to `NOT_RENDERED`. In this case, any other fill fields set in the same request will be ignored.
-                "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
-                  "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
-                  "color": { # A themeable solid color value. # The color value of the solid fill.
-                    "rgbColor": { # An RGB color. # An opaque RGB color.
-                      "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
-                      "green": 3.14, # The green component of the color, from 0.0 to 1.0.
-                      "red": 3.14, # The red component of the color, from 0.0 to 1.0.
-                    },
-                    "themeColor": "A String", # An opaque theme color.
-                  },
-                },
-                "stretchedPictureFill": { # The stretched picture fill. The page or page element is filled entirely with the specified picture. The picture is stretched to fit its container. # Stretched picture fill.
-                  "contentUrl": "A String", # Reading the content_url: An URL to a picture with a default lifetime of 30 minutes. This URL is tagged with the account of the requester. Anyone with the URL effectively accesses the picture as the original requester. Access to the picture may be lost if the presentation's sharing settings change. Writing the content_url: The picture is fetched once at insertion time and a copy is stored for display inside the presentation. Pictures must be less than 50MB in size, cannot exceed 25 megapixels, and must be in one of PNG, JPEG, or GIF format. The provided URL can be at most 2 kB in length.
-                  "size": { # A width and height. # The original size of the picture fill. This field is read-only.
-                    "height": { # A magnitude in a single direction in the specified units. # The height of the object.
-                      "magnitude": 3.14, # The magnitude.
-                      "unit": "A String", # The units for magnitude.
-                    },
-                    "width": { # A magnitude in a single direction in the specified units. # The width of the object.
-                      "magnitude": 3.14, # The magnitude.
-                      "unit": "A String", # The units for magnitude.
-                    },
-                  },
-                },
-              },
-            },
-            "pageType": "A String", # The type of the page.
-            "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-            "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
-          },
+          "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
         },
       },
       "updateSlidesPosition": { # Updates the position of slides in the presentation. # Updates the position of a set of slides in the presentation.
@@ -3052,7 +2045,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "locale": "A String", # The locale of the presentation, as an IETF BCP 47 language tag.
@@ -4063,7 +3061,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "notesMaster": { # A page in a presentation. # The notes master in the presentation. It serves three purposes: - Placeholder shapes on a notes master contain the default text styles and shape properties of all placeholder shapes on notes pages. Specifically, a `SLIDE_IMAGE` placeholder shape contains the slide thumbnail, and a `BODY` placeholder shape contains the speaker notes. - The notes master page properties define the common page properties inherited by all notes pages. - Any other shapes on the notes master appear on all notes pages. The notes master is read-only.
@@ -5072,7 +4075,12 @@ 
Method Details

     },
     "pageType": "A String", # The type of the page.
     "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-    "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+    "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+      "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+      "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+      "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+      "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+    },
   },
   "pageSize": { # A width and height. # The size of pages in the presentation.
     "height": { # A magnitude in a single direction in the specified units. # The height of the object.
@@ -6093,7 +5101,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "title": "A String", # The title of the presentation.
@@ -7115,7 +6128,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "locale": "A String", # The locale of the presentation, as an IETF BCP 47 language tag.
@@ -8126,7 +7144,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "notesMaster": { # A page in a presentation. # The notes master in the presentation. It serves three purposes: - Placeholder shapes on a notes master contain the default text styles and shape properties of all placeholder shapes on notes pages. Specifically, a `SLIDE_IMAGE` placeholder shape contains the slide thumbnail, and a `BODY` placeholder shape contains the speaker notes. - The notes master page properties define the common page properties inherited by all notes pages. - Any other shapes on the notes master appear on all notes pages. The notes master is read-only.
@@ -9135,7 +8158,12 @@ 
Method Details

     },
     "pageType": "A String", # The type of the page.
     "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-    "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+    "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+      "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+      "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+      "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+      "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+    },
   },
   "pageSize": { # A width and height. # The size of pages in the presentation.
     "height": { # A magnitude in a single direction in the specified units. # The height of the object.
@@ -10156,7 +9184,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "title": "A String", # The title of the presentation.
@@ -11185,7 +10218,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "locale": "A String", # The locale of the presentation, as an IETF BCP 47 language tag.
@@ -12196,7 +11234,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "notesMaster": { # A page in a presentation. # The notes master in the presentation. It serves three purposes: - Placeholder shapes on a notes master contain the default text styles and shape properties of all placeholder shapes on notes pages. Specifically, a `SLIDE_IMAGE` placeholder shape contains the slide thumbnail, and a `BODY` placeholder shape contains the speaker notes. - The notes master page properties define the common page properties inherited by all notes pages. - Any other shapes on the notes master appear on all notes pages. The notes master is read-only.
@@ -13205,7 +12248,12 @@ 
Method Details

     },
     "pageType": "A String", # The type of the page.
     "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-    "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+    "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+      "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+      "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+      "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+      "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+    },
   },
   "pageSize": { # A width and height. # The size of pages in the presentation.
     "height": { # A magnitude in a single direction in the specified units. # The height of the object.
@@ -14226,7 +13274,12 @@ 
Method Details

       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+      },
     },
   ],
   "title": "A String", # The title of the presentation.
diff --git a/docs/dyn/slides_v1.presentations.pages.html b/docs/dyn/slides_v1.presentations.pages.html
index d6c583bb80b..7671a5028bb 100644
--- a/docs/dyn/slides_v1.presentations.pages.html
+++ b/docs/dyn/slides_v1.presentations.pages.html
@@ -1110,7 +1110,12 @@ 
Method Details

   },
   "pageType": "A String", # The type of the page.
   "revisionId": "A String", # Output only. The revision ID of the presentation. Can be used in update requests to assert the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The revision ID is not a sequential number but an opaque string. The format of the revision ID might change over time. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated. However, a changed ID can also be due to internal factors such as ID format changes.
-  "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+  "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
+    "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
+    "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
+    "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
+    "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+  },
 }

 

 
diff --git a/docs/dyn/spanner_v1.projects.instances.databases.sessions.html b/docs/dyn/spanner_v1.projects.instances.databases.sessions.html
index 615f5df113b..961ac25912f 100644
--- a/docs/dyn/spanner_v1.projects.instances.databases.sessions.html
+++ b/docs/dyn/spanner_v1.projects.instances.databases.sessions.html
@@ -425,7 +425,14 @@ 
Method Details

         "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
           "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
           "code": "A String", # Required. The TypeCode for this type.
-          "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+          "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+            "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+              { # Message representing a single field of a struct.
+                "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+                "type": # Object with schema name: Type # The type of the field.
+              },
+            ],
+          },
           "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
         },
       },
@@ -484,12 +491,7 @@ 
Method Details

           "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
             { # Message representing a single field of a struct.
               "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-              "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-                "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-                "code": "A String", # Required. The TypeCode for this type.
-                "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-                "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
-              },
+              "type": # Object with schema name: Type # The type of the field.
             },
           ],
         },
@@ -566,7 +568,14 @@ 
Method Details

     "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
       "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
       "code": "A String", # Required. The TypeCode for this type.
-      "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+      "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+        "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+          { # Message representing a single field of a struct.
+            "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+            "type": # Object with schema name: Type # The type of the field.
+          },
+        ],
+      },
       "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
     },
   },
@@ -634,12 +643,7 @@ 
Method Details

       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-            "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },
@@ -705,7 +709,14 @@ 
Method Details

     "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
       "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
       "code": "A String", # Required. The TypeCode for this type.
-      "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+      "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+        "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+          { # Message representing a single field of a struct.
+            "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+            "type": # Object with schema name: Type # The type of the field.
+          },
+        ],
+      },
       "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
     },
   },
@@ -774,12 +785,7 @@ 
Method Details

       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-            "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },
@@ -916,7 +922,14 @@ 
Method Details

     "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
       "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
       "code": "A String", # Required. The TypeCode for this type.
-      "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+      "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+        "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+          { # Message representing a single field of a struct.
+            "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+            "type": # Object with schema name: Type # The type of the field.
+          },
+        ],
+      },
       "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
     },
   },
@@ -1173,12 +1186,7 @@ 
Method Details

       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-            "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },
@@ -1350,12 +1358,7 @@ 
Method Details

       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-            "typeAnnotation": "A String", # The TypeAnnotationCode that disambiguates SQL type that Spanner will use to represent values of this type during query processing. This is necessary for some type codes because a single TypeCode can be mapped to different SQL types depending on the SQL dialect. type_annotation typically is not needed to process the content of a value (it doesn't affect serialization) and clients can ignore it on the read path.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },
diff --git a/docs/dyn/tagmanager_v2.accounts.containers.versions.html b/docs/dyn/tagmanager_v2.accounts.containers.versions.html
index 7458413cc6a..36c09ef17b5 100644
--- a/docs/dyn/tagmanager_v2.accounts.containers.versions.html
+++ b/docs/dyn/tagmanager_v2.accounts.containers.versions.html
@@ -713,19 +713,6 @@ 
Method Details

       "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
       "name": "A String", # Zone display name.
       "notes": "A String", # User notes on how to apply this zone in the container.
-      "parameter": [ # Additional parameters.
-        { # Represents a Google Tag Manager Parameter.
-          "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        },
-      ],
       "path": "A String", # GTM Zone's API relative path.
       "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
       "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -1336,19 +1323,6 @@ 
Method Details

       "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
       "name": "A String", # Zone display name.
       "notes": "A String", # User notes on how to apply this zone in the container.
-      "parameter": [ # Additional parameters.
-        { # Represents a Google Tag Manager Parameter.
-          "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        },
-      ],
       "path": "A String", # GTM Zone's API relative path.
       "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
       "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -1962,19 +1936,6 @@ 
Method Details

         "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
         "name": "A String", # Zone display name.
         "notes": "A String", # User notes on how to apply this zone in the container.
-        "parameter": [ # Additional parameters.
-          { # Represents a Google Tag Manager Parameter.
-            "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-              # Object with schema name: Parameter
-            ],
-            "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-              # Object with schema name: Parameter
-            ],
-            "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          },
-        ],
         "path": "A String", # GTM Zone's API relative path.
         "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
         "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -2586,19 +2547,6 @@ 
Method Details

       "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
       "name": "A String", # Zone display name.
       "notes": "A String", # User notes on how to apply this zone in the container.
-      "parameter": [ # Additional parameters.
-        { # Represents a Google Tag Manager Parameter.
-          "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        },
-      ],
       "path": "A String", # GTM Zone's API relative path.
       "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
       "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -3209,19 +3157,6 @@ 
Method Details

       "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
       "name": "A String", # Zone display name.
       "notes": "A String", # User notes on how to apply this zone in the container.
-      "parameter": [ # Additional parameters.
-        { # Represents a Google Tag Manager Parameter.
-          "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        },
-      ],
       "path": "A String", # GTM Zone's API relative path.
       "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
       "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -3827,19 +3762,6 @@ 
Method Details

       "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
       "name": "A String", # Zone display name.
       "notes": "A String", # User notes on how to apply this zone in the container.
-      "parameter": [ # Additional parameters.
-        { # Represents a Google Tag Manager Parameter.
-          "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        },
-      ],
       "path": "A String", # GTM Zone's API relative path.
       "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
       "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -4444,19 +4366,6 @@ 
Method Details

       "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
       "name": "A String", # Zone display name.
       "notes": "A String", # User notes on how to apply this zone in the container.
-      "parameter": [ # Additional parameters.
-        { # Represents a Google Tag Manager Parameter.
-          "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        },
-      ],
       "path": "A String", # GTM Zone's API relative path.
       "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
       "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
diff --git a/docs/dyn/tagmanager_v2.accounts.containers.workspaces.html b/docs/dyn/tagmanager_v2.accounts.containers.workspaces.html
index c9233b6cb06..27688b12a03 100644
--- a/docs/dyn/tagmanager_v2.accounts.containers.workspaces.html
+++ b/docs/dyn/tagmanager_v2.accounts.containers.workspaces.html
@@ -801,19 +801,6 @@ 
Method Details

         "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
         "name": "A String", # Zone display name.
         "notes": "A String", # User notes on how to apply this zone in the container.
-        "parameter": [ # Additional parameters.
-          { # Represents a Google Tag Manager Parameter.
-            "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-              # Object with schema name: Parameter
-            ],
-            "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-              # Object with schema name: Parameter
-            ],
-            "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          },
-        ],
         "path": "A String", # GTM Zone's API relative path.
         "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
         "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -2984,19 +2971,6 @@ 
Method Details

         "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
         "name": "A String", # Zone display name.
         "notes": "A String", # User notes on how to apply this zone in the container.
-        "parameter": [ # Additional parameters.
-          { # Represents a Google Tag Manager Parameter.
-            "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-              # Object with schema name: Parameter
-            ],
-            "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-              # Object with schema name: Parameter
-            ],
-            "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          },
-        ],
         "path": "A String", # GTM Zone's API relative path.
         "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
         "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
diff --git a/docs/dyn/tagmanager_v2.accounts.containers.workspaces.zones.html b/docs/dyn/tagmanager_v2.accounts.containers.workspaces.zones.html
index d7401dc0fdc..1cf8316799c 100644
--- a/docs/dyn/tagmanager_v2.accounts.containers.workspaces.zones.html
+++ b/docs/dyn/tagmanager_v2.accounts.containers.workspaces.zones.html
@@ -148,19 +148,6 @@ 
Method Details

   "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
   "name": "A String", # Zone display name.
   "notes": "A String", # User notes on how to apply this zone in the container.
-  "parameter": [ # Additional parameters.
-    { # Represents a Google Tag Manager Parameter.
-      "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-    },
-  ],
   "path": "A String", # GTM Zone's API relative path.
   "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
   "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -216,19 +203,6 @@ 
Method Details

   "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
   "name": "A String", # Zone display name.
   "notes": "A String", # User notes on how to apply this zone in the container.
-  "parameter": [ # Additional parameters.
-    { # Represents a Google Tag Manager Parameter.
-      "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-    },
-  ],
   "path": "A String", # GTM Zone's API relative path.
   "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
   "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -304,19 +278,6 @@ 
Method Details

   "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
   "name": "A String", # Zone display name.
   "notes": "A String", # User notes on how to apply this zone in the container.
-  "parameter": [ # Additional parameters.
-    { # Represents a Google Tag Manager Parameter.
-      "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-    },
-  ],
   "path": "A String", # GTM Zone's API relative path.
   "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
   "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -383,19 +344,6 @@ 
Method Details

       "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
       "name": "A String", # Zone display name.
       "notes": "A String", # User notes on how to apply this zone in the container.
-      "parameter": [ # Additional parameters.
-        { # Represents a Google Tag Manager Parameter.
-          "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-            # Object with schema name: Parameter
-          ],
-          "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        },
-      ],
       "path": "A String", # GTM Zone's API relative path.
       "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
       "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -476,19 +424,6 @@ 
Method Details

     "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
     "name": "A String", # Zone display name.
     "notes": "A String", # User notes on how to apply this zone in the container.
-    "parameter": [ # Additional parameters.
-      { # Represents a Google Tag Manager Parameter.
-        "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          # Object with schema name: Parameter
-        ],
-        "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-          # Object with schema name: Parameter
-        ],
-        "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      },
-    ],
     "path": "A String", # GTM Zone's API relative path.
     "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
     "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -547,19 +482,6 @@ 
Method Details

   "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
   "name": "A String", # Zone display name.
   "notes": "A String", # User notes on how to apply this zone in the container.
-  "parameter": [ # Additional parameters.
-    { # Represents a Google Tag Manager Parameter.
-      "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-    },
-  ],
   "path": "A String", # GTM Zone's API relative path.
   "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
   "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
@@ -616,19 +538,6 @@ 
Method Details

   "fingerprint": "A String", # The fingerprint of the GTM Zone as computed at storage time. This value is recomputed whenever the zone is modified.
   "name": "A String", # Zone display name.
   "notes": "A String", # User notes on how to apply this zone in the container.
-  "parameter": [ # Additional parameters.
-    { # Represents a Google Tag Manager Parameter.
-      "key": "A String", # The named key that uniquely identifies a parameter. Required for top-level parameters, as well as map values. Ignored for list values. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "list": [ # This list parameter's parameters (keys will be ignored). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "map": [ # This map parameter's parameters (must have keys; keys must be unique). @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-        # Object with schema name: Parameter
-      ],
-      "type": "A String", # The parameter type. Valid values are: - boolean: The value represents a boolean, represented as 'true' or 'false' - integer: The value represents a 64-bit signed integer value, in base 10 - list: A list of parameters should be specified - map: A map of parameters should be specified - template: The value represents any text; this can include variable references (even variable references that might return non-string types) - trigger_reference: The value represents a trigger, represented as the trigger id - tag_reference: The value represents a tag, represented as the tag name @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-      "value": "A String", # A parameter's value (may contain variable references such as "{{myVariable}}") as appropriate to the specified type. @mutable tagmanager.accounts.containers.workspaces.variables.create @mutable tagmanager.accounts.containers.workspaces.variables.update @mutable tagmanager.accounts.containers.workspaces.triggers.create @mutable tagmanager.accounts.containers.workspaces.triggers.update @mutable tagmanager.accounts.containers.workspaces.tags.create @mutable tagmanager.accounts.containers.workspaces.tags.update
-    },
-  ],
   "path": "A String", # GTM Zone's API relative path.
   "tagManagerUrl": "A String", # Auto generated link to the tag manager UI
   "typeRestriction": { # Represents a Zone's type restrictions. # This Zone's type restrictions.
diff --git a/docs/dyn/transcoder_v1.projects.locations.jobTemplates.html b/docs/dyn/transcoder_v1.projects.locations.jobTemplates.html
index e21a8c455e0..e695f40748b 100644
--- a/docs/dyn/transcoder_v1.projects.locations.jobTemplates.html
+++ b/docs/dyn/transcoder_v1.projects.locations.jobTemplates.html
@@ -239,6 +239,19 @@ 
Method Details

             "enabled": True or False, # Enable deblocker. The default is `false`.
             "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
           },
+          "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+            "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+            "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+          },
           "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
             "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
             "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
@@ -480,6 +493,19 @@ 
Method Details

             "enabled": True or False, # Enable deblocker. The default is `false`.
             "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
           },
+          "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+            "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+            "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+          },
           "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
             "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
             "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
@@ -746,6 +772,19 @@ 
Method Details

             "enabled": True or False, # Enable deblocker. The default is `false`.
             "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
           },
+          "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+            "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+            "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+          },
           "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
             "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
             "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
@@ -999,6 +1038,19 @@ 
Method Details

                 "enabled": True or False, # Enable deblocker. The default is `false`.
                 "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
               },
+              "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+                "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+                  "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+                  "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+                  "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+                },
+                "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+                  "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+                  "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+                  "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+                  "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+                },
+              },
               "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
                 "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
                 "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
diff --git a/docs/dyn/transcoder_v1.projects.locations.jobs.html b/docs/dyn/transcoder_v1.projects.locations.jobs.html
index 36c08629751..6567b030789 100644
--- a/docs/dyn/transcoder_v1.projects.locations.jobs.html
+++ b/docs/dyn/transcoder_v1.projects.locations.jobs.html
@@ -239,6 +239,19 @@ 
Method Details

             "enabled": True or False, # Enable deblocker. The default is `false`.
             "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
           },
+          "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+            "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+            "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+          },
           "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
             "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
             "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
@@ -496,6 +509,19 @@ 
Method Details

             "enabled": True or False, # Enable deblocker. The default is `false`.
             "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
           },
+          "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+            "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+            "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+          },
           "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
             "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
             "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
@@ -779,6 +805,19 @@ 
Method Details

             "enabled": True or False, # Enable deblocker. The default is `false`.
             "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
           },
+          "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+            "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+            "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+              "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+              "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+              "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+              "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+            },
+          },
           "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
             "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
             "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
@@ -1049,6 +1088,19 @@ 
Method Details

                 "enabled": True or False, # Enable deblocker. The default is `false`.
                 "strength": 3.14, # Set strength of the deblocker. Enter a value between 0 and 1. The higher the value, the stronger the block removal. 0 is no deblocking. The default is 0.
               },
+              "deinterlace": { # Deinterlace configuration for input video. # Specify the video deinterlace configuration.
+                "bwdif": { # Bob Weaver Deinterlacing Filter Configuration. # Specifies the Bob Weaver Deinterlacing Filter Configuration.
+                  "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+                  "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+                  "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+                },
+                "yadif": { # Yet Another Deinterlacing Filter Configuration. # Specifies the Yet Another Deinterlacing Filter Configuration.
+                  "deinterlaceAllFrames": True or False, # Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.
+                  "disableSpatialInterlacing": True or False, # Disable spacial interlacing. The default is `false`.
+                  "mode": "A String", # Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field
+                  "parity": "A String", # The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity
+                },
+              },
               "denoise": { # Denoise preprocessing configuration. **Note:** This configuration is not supported. # Denoise preprocessing configuration.
                 "strength": 3.14, # Set strength of the denoise. Enter a value between 0 and 1. The higher the value, the smoother the image. 0 is no denoising. The default is 0.
                 "tune": "A String", # Set the denoiser mode. The default is `standard`. Supported denoiser modes: - `standard` - `grain`
diff --git a/googleapiclient/discovery_cache/documents/acceleratedmobilepageurl.v1.json b/googleapiclient/discovery_cache/documents/acceleratedmobilepageurl.v1.json
index af06e29a7cf..7305f5dde52 100644
--- a/googleapiclient/discovery_cache/documents/acceleratedmobilepageurl.v1.json
+++ b/googleapiclient/discovery_cache/documents/acceleratedmobilepageurl.v1.json
@@ -115,7 +115,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220819",
   "rootUrl": "https://acceleratedmobilepageurl.googleapis.com/",
   "schemas": {
     "AmpUrl": {
diff --git a/googleapiclient/discovery_cache/documents/accessapproval.v1.json b/googleapiclient/discovery_cache/documents/accessapproval.v1.json
index fe959f60eee..84256bffb96 100644
--- a/googleapiclient/discovery_cache/documents/accessapproval.v1.json
+++ b/googleapiclient/discovery_cache/documents/accessapproval.v1.json
@@ -913,7 +913,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://accessapproval.googleapis.com/",
   "schemas": {
     "AccessApprovalServiceAccount": {
diff --git a/googleapiclient/discovery_cache/documents/accesscontextmanager.v1.json b/googleapiclient/discovery_cache/documents/accesscontextmanager.v1.json
index 309f497affe..acb51217b8a 100644
--- a/googleapiclient/discovery_cache/documents/accesscontextmanager.v1.json
+++ b/googleapiclient/discovery_cache/documents/accesscontextmanager.v1.json
@@ -1083,7 +1083,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://accesscontextmanager.googleapis.com/",
   "schemas": {
     "AccessContextManagerOperationMetadata": {
diff --git a/googleapiclient/discovery_cache/documents/accesscontextmanager.v1beta.json b/googleapiclient/discovery_cache/documents/accesscontextmanager.v1beta.json
index 36c6b6e9008..206ceee8a06 100644
--- a/googleapiclient/discovery_cache/documents/accesscontextmanager.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/accesscontextmanager.v1beta.json
@@ -609,7 +609,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://accesscontextmanager.googleapis.com/",
   "schemas": {
     "AccessContextManagerOperationMetadata": {
diff --git a/googleapiclient/discovery_cache/documents/adexchangebuyer2.v2beta1.json b/googleapiclient/discovery_cache/documents/adexchangebuyer2.v2beta1.json
index b5a953279f4..0759ff9c724 100644
--- a/googleapiclient/discovery_cache/documents/adexchangebuyer2.v2beta1.json
+++ b/googleapiclient/discovery_cache/documents/adexchangebuyer2.v2beta1.json
@@ -2568,7 +2568,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220818",
   "rootUrl": "https://adexchangebuyer.googleapis.com/",
   "schemas": {
     "AbsoluteDateRange": {
diff --git a/googleapiclient/discovery_cache/documents/admin.datatransfer_v1.json b/googleapiclient/discovery_cache/documents/admin.datatransfer_v1.json
index fdad849b84a..003b9d5781f 100644
--- a/googleapiclient/discovery_cache/documents/admin.datatransfer_v1.json
+++ b/googleapiclient/discovery_cache/documents/admin.datatransfer_v1.json
@@ -272,7 +272,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220816",
   "rootUrl": "https://admin.googleapis.com/",
   "schemas": {
     "Application": {
diff --git a/googleapiclient/discovery_cache/documents/admin.directory_v1.json b/googleapiclient/discovery_cache/documents/admin.directory_v1.json
index 59210de7440..86071001c5a 100644
--- a/googleapiclient/discovery_cache/documents/admin.directory_v1.json
+++ b/googleapiclient/discovery_cache/documents/admin.directory_v1.json
@@ -493,7 +493,7 @@
           ],
           "parameters": {
             "customerId": {
-              "description": "Immutable ID of the Google Workspace account",
+              "description": "Immutable. ID of the Google Workspace account",
               "location": "path",
               "required": true,
               "type": "string"
@@ -626,13 +626,13 @@
                   ],
                   "parameters": {
                     "customerId": {
-                      "description": "Immutable. Immutable ID of the Google Workspace account.",
+                      "description": "Immutable. ID of the Google Workspace account.",
                       "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "deviceId": {
-                      "description": "Immutable. Immutable ID of Chrome OS Device.",
+                      "description": "Immutable. ID of Chrome OS Device.",
                       "location": "path",
                       "required": true,
                       "type": "string"
@@ -665,20 +665,20 @@
                       ],
                       "parameters": {
                         "commandId": {
-                          "description": "Immutable. Immutable ID of Chrome OS Device Command.",
+                          "description": "Immutable. ID of Chrome OS Device Command.",
                           "format": "int64",
                           "location": "path",
                           "required": true,
                           "type": "string"
                         },
                         "customerId": {
-                          "description": "Immutable. Immutable ID of the Google Workspace account.",
+                          "description": "Immutable. ID of the Google Workspace account.",
                           "location": "path",
                           "required": true,
                           "type": "string"
                         },
                         "deviceId": {
-                          "description": "Immutable. Immutable ID of Chrome OS Device.",
+                          "description": "Immutable. ID of Chrome OS Device.",
                           "location": "path",
                           "required": true,
                           "type": "string"
@@ -1648,7 +1648,7 @@
           ]
         },
         "hasMember": {
-          "description": "Checks whether the given user is a member of the group. Membership can be direct or nested.",
+          "description": "Checks whether the given user is a member of the group. Membership can be direct or nested, but if nested, the `memberKey` and `groupKey` must be entities in the same domain or an `Invalid input` error is returned. To check for nested memberships that include entities outside of the group's domain, use the [`checkTransitiveMembership()`](https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships/checkTransitiveMembership) method in the Cloud Identity Groups API.",
           "flatPath": "admin/directory/v1/groups/{groupKey}/hasMember/{memberKey}",
           "httpMethod": "GET",
           "id": "directory.members.hasMember",
@@ -4407,7 +4407,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220816",
   "rootUrl": "https://admin.googleapis.com/",
   "schemas": {
     "Alias": {
@@ -5333,6 +5333,7 @@
       "type": "object"
     },
     "ChromeOsDeviceAction": {
+      "description": "The data regarding an action to update the status of a Chrome OS device.",
       "id": "ChromeOsDeviceAction",
       "properties": {
         "action": {
diff --git a/googleapiclient/discovery_cache/documents/admin.reports_v1.json b/googleapiclient/discovery_cache/documents/admin.reports_v1.json
index c7909aae698..925ecf19615 100644
--- a/googleapiclient/discovery_cache/documents/admin.reports_v1.json
+++ b/googleapiclient/discovery_cache/documents/admin.reports_v1.json
@@ -623,7 +623,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220816",
   "rootUrl": "https://admin.googleapis.com/",
   "schemas": {
     "Activities": {
diff --git a/googleapiclient/discovery_cache/documents/admob.v1.json b/googleapiclient/discovery_cache/documents/admob.v1.json
index c29b169f85d..178421796b2 100644
--- a/googleapiclient/discovery_cache/documents/admob.v1.json
+++ b/googleapiclient/discovery_cache/documents/admob.v1.json
@@ -321,7 +321,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220822",
   "rootUrl": "https://admob.googleapis.com/",
   "schemas": {
     "AdUnit": {
diff --git a/googleapiclient/discovery_cache/documents/admob.v1beta.json b/googleapiclient/discovery_cache/documents/admob.v1beta.json
index e76b6f8cdcc..4fd00413b80 100644
--- a/googleapiclient/discovery_cache/documents/admob.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/admob.v1beta.json
@@ -359,7 +359,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220822",
   "rootUrl": "https://admob.googleapis.com/",
   "schemas": {
     "AdSource": {
diff --git a/googleapiclient/discovery_cache/documents/adsense.v2.json b/googleapiclient/discovery_cache/documents/adsense.v2.json
index 92efb024663..7d4defe75ce 100644
--- a/googleapiclient/discovery_cache/documents/adsense.v2.json
+++ b/googleapiclient/discovery_cache/documents/adsense.v2.json
@@ -134,6 +134,31 @@
             "https://www.googleapis.com/auth/adsense.readonly"
           ]
         },
+        "getAdBlockingRecoveryTag": {
+          "description": "Gets the ad blocking recovery tag of an account.",
+          "flatPath": "v2/accounts/{accountsId}/adBlockingRecoveryTag",
+          "httpMethod": "GET",
+          "id": "adsense.accounts.getAdBlockingRecoveryTag",
+          "parameterOrder": [
+            "name"
+          ],
+          "parameters": {
+            "name": {
+              "description": "Required. The name of the account to get the tag for. Format: accounts/{account}",
+              "location": "path",
+              "pattern": "^accounts/[^/]+$",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "v2/{+name}/adBlockingRecoveryTag",
+          "response": {
+            "$ref": "AdBlockingRecoveryTag"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/adsense"
+          ]
+        },
         "list": {
           "description": "Lists all accounts available to this user.",
           "flatPath": "v2/accounts",
@@ -1645,7 +1670,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220819",
   "rootUrl": "https://adsense.googleapis.com/",
   "schemas": {
     "Account": {
@@ -1705,6 +1730,21 @@
       },
       "type": "object"
     },
+    "AdBlockingRecoveryTag": {
+      "description": "Representation of an ad blocking recovery tag. See https://support.google.com/adsense/answer/11575177.",
+      "id": "AdBlockingRecoveryTag",
+      "properties": {
+        "errorProtectionCode": {
+          "description": "Error protection code that can be used in conjunction with the tag. It'll display a message to users if an [ad blocking extension blocks their access to your site](https://support.google.com/adsense/answer/11575480).",
+          "type": "string"
+        },
+        "tag": {
+          "description": "The ad blocking recovery tag. Note that the message generated by the tag can be blocked by an ad blocking extension. If this is not your desired outcome, then you'll need to use it in conjunction with the error protection code.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "AdClient": {
       "description": "Representation of an ad client. An ad client represents a user's subscription with a specific AdSense product.",
       "id": "AdClient",
diff --git a/googleapiclient/discovery_cache/documents/analyticsadmin.v1alpha.json b/googleapiclient/discovery_cache/documents/analyticsadmin.v1alpha.json
index 246b6205147..0ee177731af 100644
--- a/googleapiclient/discovery_cache/documents/analyticsadmin.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/analyticsadmin.v1alpha.json
@@ -1081,7 +1081,7 @@
               ]
             },
             "get": {
-              "description": "Lookup for a single Audience. Audiences created before 2020 may not be supported.",
+              "description": "Lookup for a single Audience. Audiences created before 2020 may not be supported. Default audiences will not show filter definitions.",
               "flatPath": "v1alpha/properties/{propertiesId}/audiences/{audiencesId}",
               "httpMethod": "GET",
               "id": "analyticsadmin.properties.audiences.get",
@@ -1107,7 +1107,7 @@
               ]
             },
             "list": {
-              "description": "Lists Audiences on a property. Audiences created before 2020 may not be supported.",
+              "description": "Lists Audiences on a property. Audiences created before 2020 may not be supported. Default audiences will not show filter definitions.",
               "flatPath": "v1alpha/properties/{propertiesId}/audiences",
               "httpMethod": "GET",
               "id": "analyticsadmin.properties.audiences.list",
@@ -2802,7 +2802,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://analyticsadmin.googleapis.com/",
   "schemas": {
     "GoogleAnalyticsAdminV1alphaAccessBetweenFilter": {
@@ -3484,17 +3484,13 @@
             "OPERATION_UNSPECIFIED",
             "EQUAL",
             "LESS_THAN",
-            "LESS_THAN_OR_EQUAL",
-            "GREATER_THAN",
-            "GREATER_THAN_OR_EQUAL"
+            "GREATER_THAN"
           ],
           "enumDescriptions": [
             "Unspecified.",
             "Equal.",
             "Less than.",
-            "Less than or equal.",
-            "Greater than.",
-            "Greater than or equal."
+            "Greater than."
           ],
           "type": "string"
         },
@@ -3538,8 +3534,7 @@
             "BEGINS_WITH",
             "ENDS_WITH",
             "CONTAINS",
-            "FULL_REGEXP",
-            "PARTIAL_REGEXP"
+            "FULL_REGEXP"
           ],
           "enumDescriptions": [
             "Unspecified",
@@ -3547,8 +3542,7 @@
             "Begins with the string value.",
             "Ends with the string value.",
             "Contains the string value.",
-            "Full regular expression matches with the string value.",
-            "Partial regular expression matches with the string value."
+            "Full regular expression matches with the string value."
           ],
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/analyticsdata.v1beta.json b/googleapiclient/discovery_cache/documents/analyticsdata.v1beta.json
index b319df0899c..4d9da81080c 100644
--- a/googleapiclient/discovery_cache/documents/analyticsdata.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/analyticsdata.v1beta.json
@@ -313,7 +313,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220819",
   "rootUrl": "https://analyticsdata.googleapis.com/",
   "schemas": {
     "ActiveMetricRestriction": {
diff --git a/googleapiclient/discovery_cache/documents/analyticsreporting.v4.json b/googleapiclient/discovery_cache/documents/analyticsreporting.v4.json
index 0f16e99654e..6f562bd5bcd 100644
--- a/googleapiclient/discovery_cache/documents/analyticsreporting.v4.json
+++ b/googleapiclient/discovery_cache/documents/analyticsreporting.v4.json
@@ -155,7 +155,7 @@
       }
     }
   },
-  "revision": "20220616",
+  "revision": "20220816",
   "rootUrl": "https://analyticsreporting.googleapis.com/",
   "schemas": {
     "Activity": {
diff --git a/googleapiclient/discovery_cache/documents/androidenterprise.v1.json b/googleapiclient/discovery_cache/documents/androidenterprise.v1.json
index 9980e92de6d..f55ea8124e0 100644
--- a/googleapiclient/discovery_cache/documents/androidenterprise.v1.json
+++ b/googleapiclient/discovery_cache/documents/androidenterprise.v1.json
@@ -2610,7 +2610,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220817",
   "rootUrl": "https://androidenterprise.googleapis.com/",
   "schemas": {
     "Administrator": {
diff --git a/googleapiclient/discovery_cache/documents/androidmanagement.v1.json b/googleapiclient/discovery_cache/documents/androidmanagement.v1.json
index 260e2ad661e..d7ad6b22dc2 100644
--- a/googleapiclient/discovery_cache/documents/androidmanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/androidmanagement.v1.json
@@ -1065,7 +1065,7 @@
       }
     }
   },
-  "revision": "20220801",
+  "revision": "20220815",
   "rootUrl": "https://androidmanagement.googleapis.com/",
   "schemas": {
     "AdbShellCommandEvent": {
diff --git a/googleapiclient/discovery_cache/documents/androidpublisher.v3.json b/googleapiclient/discovery_cache/documents/androidpublisher.v3.json
index af94991a569..a9d3fa358b6 100644
--- a/googleapiclient/discovery_cache/documents/androidpublisher.v3.json
+++ b/googleapiclient/discovery_cache/documents/androidpublisher.v3.json
@@ -3915,7 +3915,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220820",
   "rootUrl": "https://androidpublisher.googleapis.com/",
   "schemas": {
     "AcquisitionTargetingRule": {
diff --git a/googleapiclient/discovery_cache/documents/apigateway.v1.json b/googleapiclient/discovery_cache/documents/apigateway.v1.json
index 1a80e7e35bf..30a4f643c54 100644
--- a/googleapiclient/discovery_cache/documents/apigateway.v1.json
+++ b/googleapiclient/discovery_cache/documents/apigateway.v1.json
@@ -1083,7 +1083,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220811",
   "rootUrl": "https://apigateway.googleapis.com/",
   "schemas": {
     "ApigatewayApi": {
@@ -1336,7 +1336,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/apigateway.v1beta.json b/googleapiclient/discovery_cache/documents/apigateway.v1beta.json
index 413511acde0..92f2ccc8a9f 100644
--- a/googleapiclient/discovery_cache/documents/apigateway.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/apigateway.v1beta.json
@@ -1083,7 +1083,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220811",
   "rootUrl": "https://apigateway.googleapis.com/",
   "schemas": {
     "ApigatewayApi": {
@@ -1351,7 +1351,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/apigee.v1.json b/googleapiclient/discovery_cache/documents/apigee.v1.json
index b3bf9a7be16..a3257b73a4b 100644
--- a/googleapiclient/discovery_cache/documents/apigee.v1.json
+++ b/googleapiclient/discovery_cache/documents/apigee.v1.json
@@ -8609,7 +8609,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220811",
   "rootUrl": "https://apigee.googleapis.com/",
   "schemas": {
     "EdgeConfigstoreBundleBadBundle": {
@@ -8956,6 +8956,20 @@
           "description": "Number of request messages permitted per app by this API product for the specified `quotaInterval` and `quotaTimeUnit`. For example, a `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of hours means 50 requests are allowed every 12 hours.",
           "type": "string"
         },
+        "quotaCounterScope": {
+          "description": "Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.",
+          "enum": [
+            "QUOTA_COUNTER_SCOPE_UNSPECIFIED",
+            "PROXY",
+            "OPERATION"
+          ],
+          "enumDescriptions": [
+            "When quota is not explicitly defined for each operation(REST/GraphQL), the limits set at product level will be used as a local counter for quota evaluation by all the operations, independent of proxy association.",
+            "When quota is not explicitly defined for each operation(REST/GraphQL), set at product level will be used as a global counter for quota evaluation by all the operations associated with a particular proxy.",
+            "When quota is not explicitly defined for each operation(REST/GraphQL), the limits set at product level will be used as a local counter for quota evaluation by all the operations, independent of proxy association. This behavior mimics the same as QUOTA_COUNTER_SCOPE_UNSPECIFIED."
+          ],
+          "type": "string"
+        },
         "quotaInterval": {
           "description": "Time interval over which the number of request messages is calculated.",
           "type": "string"
@@ -10752,6 +10766,31 @@
       "description": "Apigee endpoint attachment. For more information, see [Southbound networking patterns] (https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints).",
       "id": "GoogleCloudApigeeV1EndpointAttachment",
       "properties": {
+        "connectionState": {
+          "description": "Output only. State of the endpoint attachment connection to the service attachment.",
+          "enum": [
+            "CONNECTION_STATE_UNSPECIFIED",
+            "UNAVAILABLE",
+            "PENDING",
+            "ACCEPTED",
+            "REJECTED",
+            "CLOSED",
+            "FROZEN",
+            "NEEDS_ATTENTION"
+          ],
+          "enumDescriptions": [
+            "The connection state has not been set.",
+            "The connection state is unavailable at this time, possibly because the endpoint attachment is currently being provisioned.",
+            "The connection is pending acceptance by the PSC producer.",
+            "The connection has been accepted by the PSC producer.",
+            "The connection has been rejected by the PSC producer.",
+            "The connection has been closed by the PSC producer and will not serve traffic going forward.",
+            "The connection has been frozen by the PSC producer and will not serve traffic.",
+            "The connection has been accepted by the PSC producer, but it is not ready to serve the traffic due to producer side issues."
+          ],
+          "readOnly": true,
+          "type": "string"
+        },
         "host": {
           "description": "Output only. Host that can be used in either the HTTP target endpoint directly or as the host in target server.",
           "readOnly": true,
diff --git a/googleapiclient/discovery_cache/documents/apikeys.v2.json b/googleapiclient/discovery_cache/documents/apikeys.v2.json
index 45716e0db4e..666badc95f3 100644
--- a/googleapiclient/discovery_cache/documents/apikeys.v2.json
+++ b/googleapiclient/discovery_cache/documents/apikeys.v2.json
@@ -396,7 +396,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://apikeys.googleapis.com/",
   "schemas": {
     "Operation": {
diff --git a/googleapiclient/discovery_cache/documents/appengine.v1.json b/googleapiclient/discovery_cache/documents/appengine.v1.json
index 106b8e830c8..5f761cee024 100644
--- a/googleapiclient/discovery_cache/documents/appengine.v1.json
+++ b/googleapiclient/discovery_cache/documents/appengine.v1.json
@@ -1595,11 +1595,11 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://appengine.googleapis.com/",
   "schemas": {
     "ApiConfigHandler": {
-      "description": "Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/) configuration for API handlers.",
+      "description": "Cloud Endpoints (https://cloud.google.com/endpoints/) configuration for API handlers.",
       "id": "ApiConfigHandler",
       "properties": {
         "authFailAction": {
@@ -3494,7 +3494,7 @@
       "properties": {
         "apiConfig": {
           "$ref": "ApiConfigHandler",
-          "description": "Serving configuration for Google Cloud Endpoints (https://cloud.google.com/appengine/docs/python/endpoints/).Only returned in GET requests if view=FULL is set."
+          "description": "Serving configuration for Cloud Endpoints (https://cloud.google.com/endpoints/).Only returned in GET requests if view=FULL is set."
         },
         "appEngineApis": {
           "description": "Allows App Engine second generation runtimes to access the legacy bundled services.",
diff --git a/googleapiclient/discovery_cache/documents/appengine.v1alpha.json b/googleapiclient/discovery_cache/documents/appengine.v1alpha.json
index 3fdef9b6edf..d9035158e1a 100644
--- a/googleapiclient/discovery_cache/documents/appengine.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/appengine.v1alpha.json
@@ -887,7 +887,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://appengine.googleapis.com/",
   "schemas": {
     "AuthorizedCertificate": {
diff --git a/googleapiclient/discovery_cache/documents/appengine.v1beta.json b/googleapiclient/discovery_cache/documents/appengine.v1beta.json
index 10590db2ba5..6683460914b 100644
--- a/googleapiclient/discovery_cache/documents/appengine.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/appengine.v1beta.json
@@ -1595,7 +1595,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://appengine.googleapis.com/",
   "schemas": {
     "ApiConfigHandler": {
diff --git a/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json b/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json
index f0ba5ce907e..8650fd64396 100644
--- a/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json
@@ -586,7 +586,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://area120tables.googleapis.com/",
   "schemas": {
     "BatchCreateRowsRequest": {
diff --git a/googleapiclient/discovery_cache/documents/artifactregistry.v1.json b/googleapiclient/discovery_cache/documents/artifactregistry.v1.json
index a0903d202b0..121cf83c157 100644
--- a/googleapiclient/discovery_cache/documents/artifactregistry.v1.json
+++ b/googleapiclient/discovery_cache/documents/artifactregistry.v1.json
@@ -1413,7 +1413,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220817",
   "rootUrl": "https://artifactregistry.googleapis.com/",
   "schemas": {
     "AptArtifact": {
diff --git a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json
index 29951ad87ce..845ebd3f878 100644
--- a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json
@@ -929,7 +929,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220817",
   "rootUrl": "https://artifactregistry.googleapis.com/",
   "schemas": {
     "Binding": {
diff --git a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json
index 6bbfd13714a..7615490cf18 100644
--- a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json
+++ b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json
@@ -1135,7 +1135,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220817",
   "rootUrl": "https://artifactregistry.googleapis.com/",
   "schemas": {
     "AptArtifact": {
diff --git a/googleapiclient/discovery_cache/documents/authorizedbuyersmarketplace.v1.json b/googleapiclient/discovery_cache/documents/authorizedbuyersmarketplace.v1.json
index e1dd4860e37..0600c10def1 100644
--- a/googleapiclient/discovery_cache/documents/authorizedbuyersmarketplace.v1.json
+++ b/googleapiclient/discovery_cache/documents/authorizedbuyersmarketplace.v1.json
@@ -1307,7 +1307,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220817",
   "rootUrl": "https://authorizedbuyersmarketplace.googleapis.com/",
   "schemas": {
     "AcceptProposalRequest": {
diff --git a/googleapiclient/discovery_cache/documents/beyondcorp.v1.json b/googleapiclient/discovery_cache/documents/beyondcorp.v1.json
index eecaea82400..1e35dff728d 100644
--- a/googleapiclient/discovery_cache/documents/beyondcorp.v1.json
+++ b/googleapiclient/discovery_cache/documents/beyondcorp.v1.json
@@ -1741,7 +1741,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220815",
   "rootUrl": "https://beyondcorp.googleapis.com/",
   "schemas": {
     "AllocatedConnection": {
diff --git a/googleapiclient/discovery_cache/documents/beyondcorp.v1alpha.json b/googleapiclient/discovery_cache/documents/beyondcorp.v1alpha.json
index c8fc0663925..4898bc3f883 100644
--- a/googleapiclient/discovery_cache/documents/beyondcorp.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/beyondcorp.v1alpha.json
@@ -2897,7 +2897,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220815",
   "rootUrl": "https://beyondcorp.googleapis.com/",
   "schemas": {
     "AllocatedConnection": {
diff --git a/googleapiclient/discovery_cache/documents/bigquery.v2.json b/googleapiclient/discovery_cache/documents/bigquery.v2.json
index f2fc311833e..79bbdbe08fe 100644
--- a/googleapiclient/discovery_cache/documents/bigquery.v2.json
+++ b/googleapiclient/discovery_cache/documents/bigquery.v2.json
@@ -1710,7 +1710,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://bigquery.googleapis.com/",
   "schemas": {
     "AggregateClassificationMetrics": {
diff --git a/googleapiclient/discovery_cache/documents/bigqueryconnection.v1beta1.json b/googleapiclient/discovery_cache/documents/bigqueryconnection.v1beta1.json
index 1bc2309cd08..9d85df88892 100644
--- a/googleapiclient/discovery_cache/documents/bigqueryconnection.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/bigqueryconnection.v1beta1.json
@@ -395,7 +395,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220812",
   "rootUrl": "https://bigqueryconnection.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/bigquerydatatransfer.v1.json b/googleapiclient/discovery_cache/documents/bigquerydatatransfer.v1.json
index fc340de1d84..1a91076e6b1 100644
--- a/googleapiclient/discovery_cache/documents/bigquerydatatransfer.v1.json
+++ b/googleapiclient/discovery_cache/documents/bigquerydatatransfer.v1.json
@@ -1340,7 +1340,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220813",
   "rootUrl": "https://bigquerydatatransfer.googleapis.com/",
   "schemas": {
     "CheckValidCredsRequest": {
diff --git a/googleapiclient/discovery_cache/documents/billingbudgets.v1.json b/googleapiclient/discovery_cache/documents/billingbudgets.v1.json
index 3c88d88ed74..aef8fd3d45a 100644
--- a/googleapiclient/discovery_cache/documents/billingbudgets.v1.json
+++ b/googleapiclient/discovery_cache/documents/billingbudgets.v1.json
@@ -270,7 +270,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220817",
   "rootUrl": "https://billingbudgets.googleapis.com/",
   "schemas": {
     "GoogleCloudBillingBudgetsV1Budget": {
diff --git a/googleapiclient/discovery_cache/documents/billingbudgets.v1beta1.json b/googleapiclient/discovery_cache/documents/billingbudgets.v1beta1.json
index cf30c76e5ca..116fdb9d7bd 100644
--- a/googleapiclient/discovery_cache/documents/billingbudgets.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/billingbudgets.v1beta1.json
@@ -264,7 +264,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220817",
   "rootUrl": "https://billingbudgets.googleapis.com/",
   "schemas": {
     "GoogleCloudBillingBudgetsV1beta1AllUpdatesRule": {
diff --git a/googleapiclient/discovery_cache/documents/binaryauthorization.v1.json b/googleapiclient/discovery_cache/documents/binaryauthorization.v1.json
index 0bbeab4e7d0..feed8180192 100644
--- a/googleapiclient/discovery_cache/documents/binaryauthorization.v1.json
+++ b/googleapiclient/discovery_cache/documents/binaryauthorization.v1.json
@@ -551,7 +551,7 @@
       }
     }
   },
-  "revision": "20220729",
+  "revision": "20220812",
   "rootUrl": "https://binaryauthorization.googleapis.com/",
   "schemas": {
     "AdmissionRule": {
@@ -696,7 +696,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/binaryauthorization.v1beta1.json b/googleapiclient/discovery_cache/documents/binaryauthorization.v1beta1.json
index 75c9471a36e..cfc5bbb39f4 100644
--- a/googleapiclient/discovery_cache/documents/binaryauthorization.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/binaryauthorization.v1beta1.json
@@ -551,7 +551,7 @@
       }
     }
   },
-  "revision": "20220729",
+  "revision": "20220812",
   "rootUrl": "https://binaryauthorization.googleapis.com/",
   "schemas": {
     "AdmissionRule": {
@@ -696,7 +696,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/blogger.v2.json b/googleapiclient/discovery_cache/documents/blogger.v2.json
index 97f95380050..0db48701d2a 100644
--- a/googleapiclient/discovery_cache/documents/blogger.v2.json
+++ b/googleapiclient/discovery_cache/documents/blogger.v2.json
@@ -401,7 +401,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220817",
   "rootUrl": "https://blogger.googleapis.com/",
   "schemas": {
     "Blog": {
diff --git a/googleapiclient/discovery_cache/documents/blogger.v3.json b/googleapiclient/discovery_cache/documents/blogger.v3.json
index feadbc98f90..5b9ad8c949d 100644
--- a/googleapiclient/discovery_cache/documents/blogger.v3.json
+++ b/googleapiclient/discovery_cache/documents/blogger.v3.json
@@ -1684,7 +1684,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220817",
   "rootUrl": "https://blogger.googleapis.com/",
   "schemas": {
     "Blog": {
diff --git a/googleapiclient/discovery_cache/documents/books.v1.json b/googleapiclient/discovery_cache/documents/books.v1.json
index fbdf11ee294..fe3b726cdf1 100644
--- a/googleapiclient/discovery_cache/documents/books.v1.json
+++ b/googleapiclient/discovery_cache/documents/books.v1.json
@@ -2671,7 +2671,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220816",
   "rootUrl": "https://books.googleapis.com/",
   "schemas": {
     "Annotation": {
diff --git a/googleapiclient/discovery_cache/documents/businessprofileperformance.v1.json b/googleapiclient/discovery_cache/documents/businessprofileperformance.v1.json
index 0657ff02915..fec4309177b 100644
--- a/googleapiclient/discovery_cache/documents/businessprofileperformance.v1.json
+++ b/googleapiclient/discovery_cache/documents/businessprofileperformance.v1.json
@@ -323,7 +323,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://businessprofileperformance.googleapis.com/",
   "schemas": {
     "Date": {
diff --git a/googleapiclient/discovery_cache/documents/calendar.v3.json b/googleapiclient/discovery_cache/documents/calendar.v3.json
index 00acde644d9..f2b744534a9 100644
--- a/googleapiclient/discovery_cache/documents/calendar.v3.json
+++ b/googleapiclient/discovery_cache/documents/calendar.v3.json
@@ -1723,7 +1723,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://www.googleapis.com/",
   "schemas": {
     "Acl": {
diff --git a/googleapiclient/discovery_cache/documents/chat.v1.json b/googleapiclient/discovery_cache/documents/chat.v1.json
index f3e1a32d471..12c0cc0a72d 100644
--- a/googleapiclient/discovery_cache/documents/chat.v1.json
+++ b/googleapiclient/discovery_cache/documents/chat.v1.json
@@ -642,7 +642,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220818",
   "rootUrl": "https://chat.googleapis.com/",
   "schemas": {
     "ActionParameter": {
diff --git a/googleapiclient/discovery_cache/documents/chromemanagement.v1.json b/googleapiclient/discovery_cache/documents/chromemanagement.v1.json
index 9b6d65bcb0c..5d02a33f7c9 100644
--- a/googleapiclient/discovery_cache/documents/chromemanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/chromemanagement.v1.json
@@ -595,7 +595,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://chromemanagement.googleapis.com/",
   "schemas": {
     "GoogleChromeManagementV1AndroidAppInfo": {
diff --git a/googleapiclient/discovery_cache/documents/chromepolicy.v1.json b/googleapiclient/discovery_cache/documents/chromepolicy.v1.json
index f9cc5b4f982..f14ddfd9344 100644
--- a/googleapiclient/discovery_cache/documents/chromepolicy.v1.json
+++ b/googleapiclient/discovery_cache/documents/chromepolicy.v1.json
@@ -441,7 +441,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://chromepolicy.googleapis.com/",
   "schemas": {
     "ChromeCrosDpanelAutosettingsProtoPolicyApiLifecycle": {
@@ -676,7 +676,7 @@
       "type": "object"
     },
     "GoogleChromePolicyV1PolicySchema": {
-      "description": "Resource representing a policy schema. Next ID: 12",
+      "description": "Resource representing a policy schema. Next ID: 13",
       "id": "GoogleChromePolicyV1PolicySchema",
       "properties": {
         "accessRestrictions": {
@@ -719,11 +719,15 @@
           "readOnly": true,
           "type": "array"
         },
-        "policyApiLifeycle": {
+        "policyApiLifecycle": {
           "$ref": "ChromeCrosDpanelAutosettingsProtoPolicyApiLifecycle",
-          "description": "Output only. Current life cycle information.",
+          "description": "Output only. Current lifecycle information.",
           "readOnly": true
         },
+        "policyApiLifeycle": {
+          "$ref": "ChromeCrosDpanelAutosettingsProtoPolicyApiLifecycle",
+          "description": "Deprecated field because of typo."
+        },
         "policyDescription": {
           "description": "Output only. Description about the policy schema for user consumption.",
           "readOnly": true,
diff --git a/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json b/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json
index f953f717ca7..4038f98e301 100644
--- a/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json
+++ b/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json
@@ -116,7 +116,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220818",
   "rootUrl": "https://chromeuxreport.googleapis.com/",
   "schemas": {
     "Bin": {
diff --git a/googleapiclient/discovery_cache/documents/classroom.v1.json b/googleapiclient/discovery_cache/documents/classroom.v1.json
index 193f47ed5f7..474a945aca8 100644
--- a/googleapiclient/discovery_cache/documents/classroom.v1.json
+++ b/googleapiclient/discovery_cache/documents/classroom.v1.json
@@ -2400,7 +2400,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220816",
   "rootUrl": "https://classroom.googleapis.com/",
   "schemas": {
     "Announcement": {
diff --git a/googleapiclient/discovery_cache/documents/cloudasset.v1.json b/googleapiclient/discovery_cache/documents/cloudasset.v1.json
index d21c3f9a8dc..833f76fc9ba 100644
--- a/googleapiclient/discovery_cache/documents/cloudasset.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudasset.v1.json
@@ -929,7 +929,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://cloudasset.googleapis.com/",
   "schemas": {
     "AccessSelector": {
diff --git a/googleapiclient/discovery_cache/documents/cloudasset.v1beta1.json b/googleapiclient/discovery_cache/documents/cloudasset.v1beta1.json
index 1ab2bf434c5..f4027454644 100644
--- a/googleapiclient/discovery_cache/documents/cloudasset.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudasset.v1beta1.json
@@ -411,7 +411,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://cloudasset.googleapis.com/",
   "schemas": {
     "AnalyzeIamPolicyLongrunningMetadata": {
diff --git a/googleapiclient/discovery_cache/documents/cloudasset.v1p1beta1.json b/googleapiclient/discovery_cache/documents/cloudasset.v1p1beta1.json
index 70d22a77d4a..67563b87068 100644
--- a/googleapiclient/discovery_cache/documents/cloudasset.v1p1beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudasset.v1p1beta1.json
@@ -207,7 +207,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://cloudasset.googleapis.com/",
   "schemas": {
     "AnalyzeIamPolicyLongrunningMetadata": {
diff --git a/googleapiclient/discovery_cache/documents/cloudasset.v1p5beta1.json b/googleapiclient/discovery_cache/documents/cloudasset.v1p5beta1.json
index eac3c96e6ec..bdc8943b8e2 100644
--- a/googleapiclient/discovery_cache/documents/cloudasset.v1p5beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudasset.v1p5beta1.json
@@ -177,7 +177,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://cloudasset.googleapis.com/",
   "schemas": {
     "AnalyzeIamPolicyLongrunningMetadata": {
diff --git a/googleapiclient/discovery_cache/documents/cloudasset.v1p7beta1.json b/googleapiclient/discovery_cache/documents/cloudasset.v1p7beta1.json
index 388de728d46..06ec9edbaf0 100644
--- a/googleapiclient/discovery_cache/documents/cloudasset.v1p7beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudasset.v1p7beta1.json
@@ -167,7 +167,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://cloudasset.googleapis.com/",
   "schemas": {
     "AnalyzeIamPolicyLongrunningMetadata": {
diff --git a/googleapiclient/discovery_cache/documents/cloudbilling.v1.json b/googleapiclient/discovery_cache/documents/cloudbilling.v1.json
index c58c1e9f9e6..e73b578e2ba 100644
--- a/googleapiclient/discovery_cache/documents/cloudbilling.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudbilling.v1.json
@@ -521,7 +521,7 @@
       }
     }
   },
-  "revision": "20220722",
+  "revision": "20220817",
   "rootUrl": "https://cloudbilling.googleapis.com/",
   "schemas": {
     "AggregationInfo": {
@@ -644,7 +644,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/cloudbuild.v1.json b/googleapiclient/discovery_cache/documents/cloudbuild.v1.json
index 969fefb74ca..d2f51fa56c4 100644
--- a/googleapiclient/discovery_cache/documents/cloudbuild.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudbuild.v1.json
@@ -2011,7 +2011,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220812",
   "rootUrl": "https://cloudbuild.googleapis.com/",
   "schemas": {
     "ApprovalConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha1.json b/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha1.json
index f7aa74060ec..6d777d5ef46 100644
--- a/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha1.json
@@ -306,7 +306,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220812",
   "rootUrl": "https://cloudbuild.googleapis.com/",
   "schemas": {
     "ApprovalConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha2.json b/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha2.json
index 81daae60dc1..4d9de63bd7e 100644
--- a/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha2.json
+++ b/googleapiclient/discovery_cache/documents/cloudbuild.v1alpha2.json
@@ -317,7 +317,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220812",
   "rootUrl": "https://cloudbuild.googleapis.com/",
   "schemas": {
     "ApprovalConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudbuild.v1beta1.json b/googleapiclient/discovery_cache/documents/cloudbuild.v1beta1.json
index 16ca9a82c7b..af5d031fc14 100644
--- a/googleapiclient/discovery_cache/documents/cloudbuild.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudbuild.v1beta1.json
@@ -322,7 +322,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220812",
   "rootUrl": "https://cloudbuild.googleapis.com/",
   "schemas": {
     "ApprovalConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudchannel.v1.json b/googleapiclient/discovery_cache/documents/cloudchannel.v1.json
index a68b85e5247..de582051460 100644
--- a/googleapiclient/discovery_cache/documents/cloudchannel.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudchannel.v1.json
@@ -1901,7 +1901,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://cloudchannel.googleapis.com/",
   "schemas": {
     "GoogleCloudChannelV1ActivateEntitlementRequest": {
diff --git a/googleapiclient/discovery_cache/documents/clouddebugger.v2.json b/googleapiclient/discovery_cache/documents/clouddebugger.v2.json
index 2cae5dc20da..5a8ba4040c6 100644
--- a/googleapiclient/discovery_cache/documents/clouddebugger.v2.json
+++ b/googleapiclient/discovery_cache/documents/clouddebugger.v2.json
@@ -448,7 +448,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://clouddebugger.googleapis.com/",
   "schemas": {
     "AliasContext": {
diff --git a/googleapiclient/discovery_cache/documents/clouddeploy.v1.json b/googleapiclient/discovery_cache/documents/clouddeploy.v1.json
index 2ea08d70026..37d86ea1502 100644
--- a/googleapiclient/discovery_cache/documents/clouddeploy.v1.json
+++ b/googleapiclient/discovery_cache/documents/clouddeploy.v1.json
@@ -1229,7 +1229,7 @@
       }
     }
   },
-  "revision": "20220725",
+  "revision": "20220818",
   "rootUrl": "https://clouddeploy.googleapis.com/",
   "schemas": {
     "AbandonReleaseRequest": {
@@ -1329,7 +1329,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -2158,7 +2158,7 @@
           "type": "string"
         },
         "deployFailureCause": {
-          "description": "Output only. The reason this deploy failed. This will always be unspecified while the deploy in progress.",
+          "description": "Output only. The reason this rollout failed. This will always be unspecified while the rollout is in progress.",
           "enum": [
             "FAILURE_CAUSE_UNSPECIFIED",
             "CLOUD_BUILD_UNAVAILABLE",
@@ -2204,7 +2204,7 @@
           "type": "string"
         },
         "failureReason": {
-          "description": "Output only. Reason the build failed. Empty if the build succeeded.",
+          "description": "Output only. Additional information about the rollout failure, if available.",
           "readOnly": true,
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/clouderrorreporting.v1beta1.json b/googleapiclient/discovery_cache/documents/clouderrorreporting.v1beta1.json
index 03737807390..a16a2a5a3db 100644
--- a/googleapiclient/discovery_cache/documents/clouderrorreporting.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/clouderrorreporting.v1beta1.json
@@ -430,7 +430,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220810",
   "rootUrl": "https://clouderrorreporting.googleapis.com/",
   "schemas": {
     "DeleteEventsResponse": {
diff --git a/googleapiclient/discovery_cache/documents/cloudfunctions.v1.json b/googleapiclient/discovery_cache/documents/cloudfunctions.v1.json
index ceb773dc513..dedffa7196a 100644
--- a/googleapiclient/discovery_cache/documents/cloudfunctions.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudfunctions.v1.json
@@ -546,7 +546,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220811",
   "rootUrl": "https://cloudfunctions.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudfunctions.v2.json b/googleapiclient/discovery_cache/documents/cloudfunctions.v2.json
index 95aecd942a4..f52abf09d48 100644
--- a/googleapiclient/discovery_cache/documents/cloudfunctions.v2.json
+++ b/googleapiclient/discovery_cache/documents/cloudfunctions.v2.json
@@ -571,7 +571,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220811",
   "rootUrl": "https://cloudfunctions.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudfunctions.v2alpha.json b/googleapiclient/discovery_cache/documents/cloudfunctions.v2alpha.json
index d93aba0860c..500c20ecf6c 100644
--- a/googleapiclient/discovery_cache/documents/cloudfunctions.v2alpha.json
+++ b/googleapiclient/discovery_cache/documents/cloudfunctions.v2alpha.json
@@ -571,7 +571,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220811",
   "rootUrl": "https://cloudfunctions.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudfunctions.v2beta.json b/googleapiclient/discovery_cache/documents/cloudfunctions.v2beta.json
index 84bd2c2e6db..9c8eea9c4d3 100644
--- a/googleapiclient/discovery_cache/documents/cloudfunctions.v2beta.json
+++ b/googleapiclient/discovery_cache/documents/cloudfunctions.v2beta.json
@@ -571,7 +571,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220811",
   "rootUrl": "https://cloudfunctions.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudidentity.v1.json b/googleapiclient/discovery_cache/documents/cloudidentity.v1.json
index 659aa80dc8a..82e9bf5d9aa 100644
--- a/googleapiclient/discovery_cache/documents/cloudidentity.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudidentity.v1.json
@@ -1608,7 +1608,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220815",
   "rootUrl": "https://cloudidentity.googleapis.com/",
   "schemas": {
     "CancelUserInvitationRequest": {
diff --git a/googleapiclient/discovery_cache/documents/cloudidentity.v1beta1.json b/googleapiclient/discovery_cache/documents/cloudidentity.v1beta1.json
index 3e43df92643..147ab612090 100644
--- a/googleapiclient/discovery_cache/documents/cloudidentity.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudidentity.v1beta1.json
@@ -1597,7 +1597,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220815",
   "rootUrl": "https://cloudidentity.googleapis.com/",
   "schemas": {
     "AndroidAttributes": {
diff --git a/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json b/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json
index e6b3b1d922c..cf9901fa2ae 100644
--- a/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json
+++ b/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json
@@ -216,7 +216,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220813",
   "rootUrl": "https://cloudprofiler.googleapis.com/",
   "schemas": {
     "CreateProfileRequest": {
diff --git a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1.json b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1.json
index d535f72bccd..e43278f9b7c 100644
--- a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1.json
@@ -1171,7 +1171,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220821",
   "rootUrl": "https://cloudresourcemanager.googleapis.com/",
   "schemas": {
     "Ancestor": {
diff --git a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1beta1.json b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1beta1.json
index 3a6afdd834a..d159d0dec52 100644
--- a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v1beta1.json
@@ -566,7 +566,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220821",
   "rootUrl": "https://cloudresourcemanager.googleapis.com/",
   "schemas": {
     "Ancestor": {
diff --git a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2.json b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2.json
index 7c34fe58c1a..1c0991e7bf1 100644
--- a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2.json
+++ b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2.json
@@ -450,7 +450,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220821",
   "rootUrl": "https://cloudresourcemanager.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2beta1.json b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2beta1.json
index b009aae3f84..6367965e2d2 100644
--- a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v2beta1.json
@@ -450,7 +450,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220821",
   "rootUrl": "https://cloudresourcemanager.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v3.json b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v3.json
index 3a00718feea..9597f112e9d 100644
--- a/googleapiclient/discovery_cache/documents/cloudresourcemanager.v3.json
+++ b/googleapiclient/discovery_cache/documents/cloudresourcemanager.v3.json
@@ -1760,7 +1760,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220821",
   "rootUrl": "https://cloudresourcemanager.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/cloudsearch.v1.json b/googleapiclient/discovery_cache/documents/cloudsearch.v1.json
index c148c4871ba..abde2d0e969 100644
--- a/googleapiclient/discovery_cache/documents/cloudsearch.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudsearch.v1.json
@@ -2059,7 +2059,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220816",
   "rootUrl": "https://cloudsearch.googleapis.com/",
   "schemas": {
     "AbuseReportingConfig": {
@@ -5468,13 +5468,6 @@
           "readOnly": true,
           "type": "array"
         },
-        "supportedCaptionLanguages": {
-          "description": "Supported caption languages in BCP 47 language code format, e.g.'en-US'.",
-          "items": {
-            "type": "string"
-          },
-          "type": "array"
-        },
         "transcriptionSessionInfo": {
           "$ref": "TranscriptionSessionInfo",
           "description": "Information about active transcription session in the ongoing conference."
@@ -15699,10 +15692,6 @@
         "uri": {
           "description": "The uri for whiteboard document.",
           "type": "string"
-        },
-        "whiteboardUri": {
-          "description": "This field is deprecated and will be removed. Please use \"uri\" instead.",
-          "type": "string"
         }
       },
       "type": "object"
diff --git a/googleapiclient/discovery_cache/documents/cloudtasks.v2.json b/googleapiclient/discovery_cache/documents/cloudtasks.v2.json
index cf32ea5bd7f..d387a63b5d9 100644
--- a/googleapiclient/discovery_cache/documents/cloudtasks.v2.json
+++ b/googleapiclient/discovery_cache/documents/cloudtasks.v2.json
@@ -685,7 +685,7 @@
       }
     }
   },
-  "revision": "20220815",
+  "revision": "20220822",
   "rootUrl": "https://cloudtasks.googleapis.com/",
   "schemas": {
     "AppEngineHttpRequest": {
diff --git a/googleapiclient/discovery_cache/documents/cloudtasks.v2beta2.json b/googleapiclient/discovery_cache/documents/cloudtasks.v2beta2.json
index 7e7ddcf26c8..1b7d285aa59 100644
--- a/googleapiclient/discovery_cache/documents/cloudtasks.v2beta2.json
+++ b/googleapiclient/discovery_cache/documents/cloudtasks.v2beta2.json
@@ -837,7 +837,7 @@
       }
     }
   },
-  "revision": "20220815",
+  "revision": "20220822",
   "rootUrl": "https://cloudtasks.googleapis.com/",
   "schemas": {
     "AcknowledgeTaskRequest": {
diff --git a/googleapiclient/discovery_cache/documents/cloudtasks.v2beta3.json b/googleapiclient/discovery_cache/documents/cloudtasks.v2beta3.json
index 9e5185ba8f4..ff8b21e9d35 100644
--- a/googleapiclient/discovery_cache/documents/cloudtasks.v2beta3.json
+++ b/googleapiclient/discovery_cache/documents/cloudtasks.v2beta3.json
@@ -697,7 +697,7 @@
       }
     }
   },
-  "revision": "20220815",
+  "revision": "20220822",
   "rootUrl": "https://cloudtasks.googleapis.com/",
   "schemas": {
     "AppEngineHttpQueue": {
diff --git a/googleapiclient/discovery_cache/documents/cloudtrace.v1.json b/googleapiclient/discovery_cache/documents/cloudtrace.v1.json
index f7b83a3b1d9..efb209e171d 100644
--- a/googleapiclient/discovery_cache/documents/cloudtrace.v1.json
+++ b/googleapiclient/discovery_cache/documents/cloudtrace.v1.json
@@ -257,7 +257,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220817",
   "rootUrl": "https://cloudtrace.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/cloudtrace.v2.json b/googleapiclient/discovery_cache/documents/cloudtrace.v2.json
index 82a34da7160..b20fa1b9535 100644
--- a/googleapiclient/discovery_cache/documents/cloudtrace.v2.json
+++ b/googleapiclient/discovery_cache/documents/cloudtrace.v2.json
@@ -181,7 +181,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220817",
   "rootUrl": "https://cloudtrace.googleapis.com/",
   "schemas": {
     "Annotation": {
diff --git a/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json b/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json
index 2e9afbc608e..6463ea891b6 100644
--- a/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json
+++ b/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json
@@ -273,7 +273,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220817",
   "rootUrl": "https://cloudtrace.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/composer.v1.json b/googleapiclient/discovery_cache/documents/composer.v1.json
index d648cef820b..47365be2bb9 100644
--- a/googleapiclient/discovery_cache/documents/composer.v1.json
+++ b/googleapiclient/discovery_cache/documents/composer.v1.json
@@ -406,7 +406,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220817",
   "rootUrl": "https://composer.googleapis.com/",
   "schemas": {
     "AllowedIpRange": {
diff --git a/googleapiclient/discovery_cache/documents/composer.v1beta1.json b/googleapiclient/discovery_cache/documents/composer.v1beta1.json
index dd0914f6bd0..81bf0473b37 100644
--- a/googleapiclient/discovery_cache/documents/composer.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/composer.v1beta1.json
@@ -518,7 +518,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220817",
   "rootUrl": "https://composer.googleapis.com/",
   "schemas": {
     "AllowedIpRange": {
diff --git a/googleapiclient/discovery_cache/documents/compute.beta.json b/googleapiclient/discovery_cache/documents/compute.beta.json
index 390a4a4bfac..28a2e4b65c5 100644
--- a/googleapiclient/discovery_cache/documents/compute.beta.json
+++ b/googleapiclient/discovery_cache/documents/compute.beta.json
@@ -35452,7 +35452,7 @@
       }
     }
   },
-  "revision": "20220726",
+  "revision": "20220809",
   "rootUrl": "https://compute.googleapis.com/",
   "schemas": {
     "AcceleratorConfig": {
@@ -39178,7 +39178,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -52130,6 +52130,9 @@
           ],
           "type": "string"
         },
+        "pscData": {
+          "$ref": "NetworkEndpointGroupPscData"
+        },
         "pscTargetService": {
           "description": "The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. An example value is: \"asia-northeast3-cloudkms.googleapis.com\"",
           "type": "string"
@@ -52485,6 +52488,42 @@
       },
       "type": "object"
     },
+    "NetworkEndpointGroupPscData": {
+      "description": "All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.",
+      "id": "NetworkEndpointGroupPscData",
+      "properties": {
+        "consumerPscAddress": {
+          "description": "[Output Only] Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB.",
+          "type": "string"
+        },
+        "pscConnectionId": {
+          "description": "[Output Only] The PSC connection id of the PSC Network Endpoint Group Consumer.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "pscConnectionStatus": {
+          "description": "[Output Only] The connection status of the PSC Forwarding Rule.",
+          "enum": [
+            "ACCEPTED",
+            "CLOSED",
+            "NEEDS_ATTENTION",
+            "PENDING",
+            "REJECTED",
+            "STATUS_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "The connection has been accepted by the producer.",
+            "The connection has been closed by the producer and will not serve traffic going forward.",
+            "The connection has been accepted by the producer, but the producer needs to take further action before the forwarding rule can serve traffic.",
+            "The connection is pending acceptance by the producer.",
+            "The connection has been rejected by the producer.",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "NetworkEndpointGroupServerlessDeployment": {
       "description": "Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.",
       "id": "NetworkEndpointGroupServerlessDeployment",
@@ -59189,6 +59228,13 @@
           "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
           "type": "string"
         },
+        "resourcePolicies": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.",
+          "type": "object"
+        },
         "satisfiesPzs": {
           "description": "[Output Only] Reserved for future use.",
           "type": "boolean"
@@ -63124,6 +63170,10 @@
           "$ref": "SecurityPolicyRuleMatcher",
           "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced."
         },
+        "preconfiguredWafConfig": {
+          "$ref": "SecurityPolicyRulePreconfiguredWafConfig",
+          "description": "Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect."
+        },
         "preview": {
           "description": "If set to true, the specified action is not enforced.",
           "type": "boolean"
@@ -63266,6 +63316,92 @@
       },
       "type": "object"
     },
+    "SecurityPolicyRulePreconfiguredWafConfig": {
+      "id": "SecurityPolicyRulePreconfiguredWafConfig",
+      "properties": {
+        "exclusions": {
+          "description": "A list of exclusions to apply during preconfigured WAF evaluation.",
+          "items": {
+            "$ref": "SecurityPolicyRulePreconfiguredWafConfigExclusion"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRulePreconfiguredWafConfigExclusion": {
+      "id": "SecurityPolicyRulePreconfiguredWafConfigExclusion",
+      "properties": {
+        "requestCookiesToExclude": {
+          "description": "A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation.",
+          "items": {
+            "$ref": "SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams"
+          },
+          "type": "array"
+        },
+        "requestHeadersToExclude": {
+          "description": "A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation.",
+          "items": {
+            "$ref": "SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams"
+          },
+          "type": "array"
+        },
+        "requestQueryParamsToExclude": {
+          "description": "A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body.",
+          "items": {
+            "$ref": "SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams"
+          },
+          "type": "array"
+        },
+        "requestUrisToExclude": {
+          "description": "A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded.",
+          "items": {
+            "$ref": "SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams"
+          },
+          "type": "array"
+        },
+        "targetRuleIds": {
+          "description": "A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetRuleSet": {
+          "description": "Target WAF rule set to apply the preconfigured WAF exclusion.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams": {
+      "id": "SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams",
+      "properties": {
+        "op": {
+          "description": "The match operator for the field.",
+          "enum": [
+            "CONTAINS",
+            "ENDS_WITH",
+            "EQUALS",
+            "EQUALS_ANY",
+            "STARTS_WITH"
+          ],
+          "enumDescriptions": [
+            "The operator matches if the field value contains the specified value.",
+            "The operator matches if the field value ends with the specified value.",
+            "The operator matches if the field value equals the specified value.",
+            "The operator matches if the field value is any value.",
+            "The operator matches if the field value starts with the specified value."
+          ],
+          "type": "string"
+        },
+        "val": {
+          "description": "The value of the field.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "SecurityPolicyRuleRateLimitOptions": {
       "id": "SecurityPolicyRuleRateLimitOptions",
       "properties": {
diff --git a/googleapiclient/discovery_cache/documents/contactcenterinsights.v1.json b/googleapiclient/discovery_cache/documents/contactcenterinsights.v1.json
index 8a5d8046dfb..f543fd0728f 100644
--- a/googleapiclient/discovery_cache/documents/contactcenterinsights.v1.json
+++ b/googleapiclient/discovery_cache/documents/contactcenterinsights.v1.json
@@ -1275,7 +1275,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://contactcenterinsights.googleapis.com/",
   "schemas": {
     "GoogleCloudContactcenterinsightsV1Analysis": {
diff --git a/googleapiclient/discovery_cache/documents/containeranalysis.v1.json b/googleapiclient/discovery_cache/documents/containeranalysis.v1.json
index 53864b91c9d..7061c215e13 100644
--- a/googleapiclient/discovery_cache/documents/containeranalysis.v1.json
+++ b/googleapiclient/discovery_cache/documents/containeranalysis.v1.json
@@ -755,7 +755,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://containeranalysis.googleapis.com/",
   "schemas": {
     "AliasContext": {
diff --git a/googleapiclient/discovery_cache/documents/containeranalysis.v1alpha1.json b/googleapiclient/discovery_cache/documents/containeranalysis.v1alpha1.json
index 419148e49c5..596bab352c8 100644
--- a/googleapiclient/discovery_cache/documents/containeranalysis.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/containeranalysis.v1alpha1.json
@@ -1229,7 +1229,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://containeranalysis.googleapis.com/",
   "schemas": {
     "AnalysisCompleted": {
diff --git a/googleapiclient/discovery_cache/documents/containeranalysis.v1beta1.json b/googleapiclient/discovery_cache/documents/containeranalysis.v1beta1.json
index ce2e8332673..b49c17a0a85 100644
--- a/googleapiclient/discovery_cache/documents/containeranalysis.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/containeranalysis.v1beta1.json
@@ -853,7 +853,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://containeranalysis.googleapis.com/",
   "schemas": {
     "AliasContext": {
diff --git a/googleapiclient/discovery_cache/documents/content.v2.1.json b/googleapiclient/discovery_cache/documents/content.v2.1.json
index 42f11a553e2..a8529d4ab03 100644
--- a/googleapiclient/discovery_cache/documents/content.v2.1.json
+++ b/googleapiclient/discovery_cache/documents/content.v2.1.json
@@ -5908,7 +5908,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220818",
   "rootUrl": "https://shoppingcontent.googleapis.com/",
   "schemas": {
     "Account": {
@@ -5957,7 +5957,7 @@
           "description": "The Business Profile which is linked or in the process of being linked with the Merchant Center account."
         },
         "id": {
-          "description": "Required for update. Merchant Center account ID.",
+          "description": "Required. 64-bit Merchant Center account ID.",
           "format": "uint64",
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/customsearch.v1.json b/googleapiclient/discovery_cache/documents/customsearch.v1.json
index 9d71f8ca5b3..91527f1c9b9 100644
--- a/googleapiclient/discovery_cache/documents/customsearch.v1.json
+++ b/googleapiclient/discovery_cache/documents/customsearch.v1.json
@@ -674,7 +674,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://customsearch.googleapis.com/",
   "schemas": {
     "Promotion": {
diff --git a/googleapiclient/discovery_cache/documents/dataflow.v1b3.json b/googleapiclient/discovery_cache/documents/dataflow.v1b3.json
index 37b8d6c7bae..301feaef72e 100644
--- a/googleapiclient/discovery_cache/documents/dataflow.v1b3.json
+++ b/googleapiclient/discovery_cache/documents/dataflow.v1b3.json
@@ -2225,7 +2225,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://dataflow.googleapis.com/",
   "schemas": {
     "ApproximateProgress": {
@@ -3349,6 +3349,10 @@
           "description": "If true, when processing time is spent almost entirely on garbage collection (GC), saves a heap dump before ending the thread or process. If false, ends the thread or process without saving a heap dump. Does not save a heap dump when the Java Virtual Machine (JVM) has an out of memory error during processing. The location of the heap file is either echoed back to the user, or the user is given the opportunity to download the heap file.",
           "type": "boolean"
         },
+        "enableLauncherVmSerialPortLogging": {
+          "description": "If true serial port logging will be enabled for the launcher VM.",
+          "type": "boolean"
+        },
         "enableStreamingEngine": {
           "description": "Whether to enable Streaming Engine for the job.",
           "type": "boolean"
diff --git a/googleapiclient/discovery_cache/documents/datapipelines.v1.json b/googleapiclient/discovery_cache/documents/datapipelines.v1.json
index d40c6faf872..2eda28bebc9 100644
--- a/googleapiclient/discovery_cache/documents/datapipelines.v1.json
+++ b/googleapiclient/discovery_cache/documents/datapipelines.v1.json
@@ -371,7 +371,7 @@
       }
     }
   },
-  "revision": "20220730",
+  "revision": "20220806",
   "rootUrl": "https://datapipelines.googleapis.com/",
   "schemas": {
     "GoogleCloudDatapipelinesV1DataflowJobDetails": {
diff --git a/googleapiclient/discovery_cache/documents/dataplex.v1.json b/googleapiclient/discovery_cache/documents/dataplex.v1.json
index eebf26e595c..c75368e1456 100644
--- a/googleapiclient/discovery_cache/documents/dataplex.v1.json
+++ b/googleapiclient/discovery_cache/documents/dataplex.v1.json
@@ -2764,7 +2764,7 @@
       }
     }
   },
-  "revision": "20220725",
+  "revision": "20220818",
   "rootUrl": "https://dataplex.googleapis.com/",
   "schemas": {
     "Empty": {
@@ -5485,7 +5485,7 @@
           "description": "The condition that is associated with this binding.If the condition evaluates to true, then this binding applies to the current request.If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/dataproc.v1.json b/googleapiclient/discovery_cache/documents/dataproc.v1.json
index 7fa0077d58d..0c0820ff417 100644
--- a/googleapiclient/discovery_cache/documents/dataproc.v1.json
+++ b/googleapiclient/discovery_cache/documents/dataproc.v1.json
@@ -2444,7 +2444,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220814",
   "rootUrl": "https://dataproc.googleapis.com/",
   "schemas": {
     "AcceleratorConfig": {
@@ -3250,6 +3250,11 @@
       "description": "Execution configuration for a workload.",
       "id": "ExecutionConfig",
       "properties": {
+        "idleTtl": {
+          "description": "Optional. The duration to keep the underlying cluster alive while idling Passing this threshold will cause the cluster to be terminated. Minimum value is 30 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).",
+          "format": "google-duration",
+          "type": "string"
+        },
         "kmsKey": {
           "description": "Optional. The Cloud KMS key to use for encryption.",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/datastream.v1.json b/googleapiclient/discovery_cache/documents/datastream.v1.json
index 447a739d97c..3fee2cd65c5 100644
--- a/googleapiclient/discovery_cache/documents/datastream.v1.json
+++ b/googleapiclient/discovery_cache/documents/datastream.v1.json
@@ -1217,7 +1217,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220810",
   "rootUrl": "https://datastream.googleapis.com/",
   "schemas": {
     "AvroFileFormat": {
diff --git a/googleapiclient/discovery_cache/documents/datastream.v1alpha1.json b/googleapiclient/discovery_cache/documents/datastream.v1alpha1.json
index 54499abf717..b3f07d84045 100644
--- a/googleapiclient/discovery_cache/documents/datastream.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/datastream.v1alpha1.json
@@ -1196,7 +1196,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220810",
   "rootUrl": "https://datastream.googleapis.com/",
   "schemas": {
     "AvroFileFormat": {
diff --git a/googleapiclient/discovery_cache/documents/dfareporting.v3.5.json b/googleapiclient/discovery_cache/documents/dfareporting.v3.5.json
index f6e6beb41cb..ebcdc6b607b 100644
--- a/googleapiclient/discovery_cache/documents/dfareporting.v3.5.json
+++ b/googleapiclient/discovery_cache/documents/dfareporting.v3.5.json
@@ -14,8 +14,8 @@
       }
     }
   },
-  "basePath": "",
-  "baseUrl": "https://dfareporting.googleapis.com/",
+  "basePath": "/dfareporting/v3.5/",
+  "baseUrl": "https://dfareporting.googleapis.com/dfareporting/v3.5/",
   "batchPath": "batch",
   "canonicalName": "Dfareporting",
   "description": "Build applications to efficiently manage large or complex trafficking, reporting, and attribution workflows for Campaign Manager 360.",
@@ -115,7 +115,7 @@
       "methods": {
         "get": {
           "description": "Gets the account's active ad summary by account ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
+          "flatPath": "userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
           "httpMethod": "GET",
           "id": "dfareporting.accountActiveAdSummaries.get",
           "parameterOrder": [
@@ -138,7 +138,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
+          "path": "userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
           "response": {
             "$ref": "AccountActiveAdSummary"
           },
@@ -152,7 +152,7 @@
       "methods": {
         "get": {
           "description": "Gets one account permission group by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissionGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/accountPermissionGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissionGroups.get",
           "parameterOrder": [
@@ -175,7 +175,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissionGroups/{id}",
+          "path": "userprofiles/{profileId}/accountPermissionGroups/{id}",
           "response": {
             "$ref": "AccountPermissionGroup"
           },
@@ -185,7 +185,7 @@
         },
         "list": {
           "description": "Retrieves the list of account permission groups.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissionGroups",
+          "flatPath": "userprofiles/{profileId}/accountPermissionGroups",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissionGroups.list",
           "parameterOrder": [
@@ -200,7 +200,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissionGroups",
+          "path": "userprofiles/{profileId}/accountPermissionGroups",
           "response": {
             "$ref": "AccountPermissionGroupsListResponse"
           },
@@ -214,7 +214,7 @@
       "methods": {
         "get": {
           "description": "Gets one account permission by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissions/{id}",
+          "flatPath": "userprofiles/{profileId}/accountPermissions/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissions.get",
           "parameterOrder": [
@@ -237,7 +237,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissions/{id}",
+          "path": "userprofiles/{profileId}/accountPermissions/{id}",
           "response": {
             "$ref": "AccountPermission"
           },
@@ -247,7 +247,7 @@
         },
         "list": {
           "description": "Retrieves the list of account permissions.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissions",
+          "flatPath": "userprofiles/{profileId}/accountPermissions",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissions.list",
           "parameterOrder": [
@@ -262,7 +262,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountPermissions",
+          "path": "userprofiles/{profileId}/accountPermissions",
           "response": {
             "$ref": "AccountPermissionsListResponse"
           },
@@ -276,7 +276,7 @@
       "methods": {
         "get": {
           "description": "Gets one account user profile by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles/{id}",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accountUserProfiles.get",
           "parameterOrder": [
@@ -299,7 +299,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles/{id}",
+          "path": "userprofiles/{profileId}/accountUserProfiles/{id}",
           "response": {
             "$ref": "AccountUserProfile"
           },
@@ -309,7 +309,7 @@
         },
         "insert": {
           "description": "Inserts a new account user profile.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "POST",
           "id": "dfareporting.accountUserProfiles.insert",
           "parameterOrder": [
@@ -324,7 +324,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "request": {
             "$ref": "AccountUserProfile"
           },
@@ -337,7 +337,7 @@
         },
         "list": {
           "description": "Retrieves a list of account user profiles, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "GET",
           "id": "dfareporting.accountUserProfiles.list",
           "parameterOrder": [
@@ -423,7 +423,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "response": {
             "$ref": "AccountUserProfilesListResponse"
           },
@@ -433,7 +433,7 @@
         },
         "patch": {
           "description": "Updates an existing account user profile. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "PATCH",
           "id": "dfareporting.accountUserProfiles.patch",
           "parameterOrder": [
@@ -456,7 +456,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "request": {
             "$ref": "AccountUserProfile"
           },
@@ -469,7 +469,7 @@
         },
         "update": {
           "description": "Updates an existing account user profile.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "PUT",
           "id": "dfareporting.accountUserProfiles.update",
           "parameterOrder": [
@@ -484,7 +484,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "request": {
             "$ref": "AccountUserProfile"
           },
@@ -501,7 +501,7 @@
       "methods": {
         "get": {
           "description": "Gets one account by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accounts/{id}",
+          "flatPath": "userprofiles/{profileId}/accounts/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accounts.get",
           "parameterOrder": [
@@ -524,7 +524,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accounts/{id}",
+          "path": "userprofiles/{profileId}/accounts/{id}",
           "response": {
             "$ref": "Account"
           },
@@ -534,7 +534,7 @@
         },
         "list": {
           "description": "Retrieves the list of accounts, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accounts",
+          "flatPath": "userprofiles/{profileId}/accounts",
           "httpMethod": "GET",
           "id": "dfareporting.accounts.list",
           "parameterOrder": [
@@ -608,7 +608,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accounts",
+          "path": "userprofiles/{profileId}/accounts",
           "response": {
             "$ref": "AccountsListResponse"
           },
@@ -618,7 +618,7 @@
         },
         "patch": {
           "description": "Updates an existing account. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accounts",
+          "flatPath": "userprofiles/{profileId}/accounts",
           "httpMethod": "PATCH",
           "id": "dfareporting.accounts.patch",
           "parameterOrder": [
@@ -641,7 +641,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accounts",
+          "path": "userprofiles/{profileId}/accounts",
           "request": {
             "$ref": "Account"
           },
@@ -654,7 +654,7 @@
         },
         "update": {
           "description": "Updates an existing account.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/accounts",
+          "flatPath": "userprofiles/{profileId}/accounts",
           "httpMethod": "PUT",
           "id": "dfareporting.accounts.update",
           "parameterOrder": [
@@ -669,7 +669,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/accounts",
+          "path": "userprofiles/{profileId}/accounts",
           "request": {
             "$ref": "Account"
           },
@@ -686,7 +686,7 @@
       "methods": {
         "get": {
           "description": "Gets one ad by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/ads/{id}",
+          "flatPath": "userprofiles/{profileId}/ads/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.ads.get",
           "parameterOrder": [
@@ -709,7 +709,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/ads/{id}",
+          "path": "userprofiles/{profileId}/ads/{id}",
           "response": {
             "$ref": "Ad"
           },
@@ -719,7 +719,7 @@
         },
         "insert": {
           "description": "Inserts a new ad.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "POST",
           "id": "dfareporting.ads.insert",
           "parameterOrder": [
@@ -734,7 +734,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "request": {
             "$ref": "Ad"
           },
@@ -747,7 +747,7 @@
         },
         "list": {
           "description": "Retrieves a list of ads, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "GET",
           "id": "dfareporting.ads.list",
           "parameterOrder": [
@@ -950,7 +950,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "response": {
             "$ref": "AdsListResponse"
           },
@@ -960,7 +960,7 @@
         },
         "patch": {
           "description": "Updates an existing ad. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "PATCH",
           "id": "dfareporting.ads.patch",
           "parameterOrder": [
@@ -983,7 +983,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "request": {
             "$ref": "Ad"
           },
@@ -996,7 +996,7 @@
         },
         "update": {
           "description": "Updates an existing ad.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "PUT",
           "id": "dfareporting.ads.update",
           "parameterOrder": [
@@ -1011,7 +1011,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "request": {
             "$ref": "Ad"
           },
@@ -1028,7 +1028,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing advertiser group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.advertiserGroups.delete",
           "parameterOrder": [
@@ -1051,14 +1051,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups/{id}",
+          "path": "userprofiles/{profileId}/advertiserGroups/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one advertiser group by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserGroups.get",
           "parameterOrder": [
@@ -1081,7 +1081,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups/{id}",
+          "path": "userprofiles/{profileId}/advertiserGroups/{id}",
           "response": {
             "$ref": "AdvertiserGroup"
           },
@@ -1091,7 +1091,7 @@
         },
         "insert": {
           "description": "Inserts a new advertiser group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "POST",
           "id": "dfareporting.advertiserGroups.insert",
           "parameterOrder": [
@@ -1106,7 +1106,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "request": {
             "$ref": "AdvertiserGroup"
           },
@@ -1119,7 +1119,7 @@
         },
         "list": {
           "description": "Retrieves a list of advertiser groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserGroups.list",
           "parameterOrder": [
@@ -1188,7 +1188,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "response": {
             "$ref": "AdvertiserGroupsListResponse"
           },
@@ -1198,7 +1198,7 @@
         },
         "patch": {
           "description": "Updates an existing advertiser group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.advertiserGroups.patch",
           "parameterOrder": [
@@ -1221,7 +1221,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "request": {
             "$ref": "AdvertiserGroup"
           },
@@ -1234,7 +1234,7 @@
         },
         "update": {
           "description": "Updates an existing advertiser group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.advertiserGroups.update",
           "parameterOrder": [
@@ -1249,7 +1249,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "request": {
             "$ref": "AdvertiserGroup"
           },
@@ -1266,7 +1266,7 @@
       "methods": {
         "get": {
           "description": "Gets one landing page by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages/{id}",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserLandingPages.get",
           "parameterOrder": [
@@ -1289,7 +1289,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages/{id}",
+          "path": "userprofiles/{profileId}/advertiserLandingPages/{id}",
           "response": {
             "$ref": "LandingPage"
           },
@@ -1299,7 +1299,7 @@
         },
         "insert": {
           "description": "Inserts a new landing page.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "POST",
           "id": "dfareporting.advertiserLandingPages.insert",
           "parameterOrder": [
@@ -1314,7 +1314,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "request": {
             "$ref": "LandingPage"
           },
@@ -1327,7 +1327,7 @@
         },
         "list": {
           "description": "Retrieves a list of landing pages.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserLandingPages.list",
           "parameterOrder": [
@@ -1421,7 +1421,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "response": {
             "$ref": "AdvertiserLandingPagesListResponse"
           },
@@ -1431,7 +1431,7 @@
         },
         "patch": {
           "description": "Updates an existing advertiser landing page. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "PATCH",
           "id": "dfareporting.advertiserLandingPages.patch",
           "parameterOrder": [
@@ -1454,7 +1454,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "request": {
             "$ref": "LandingPage"
           },
@@ -1467,7 +1467,7 @@
         },
         "update": {
           "description": "Updates an existing landing page.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "PUT",
           "id": "dfareporting.advertiserLandingPages.update",
           "parameterOrder": [
@@ -1482,7 +1482,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "request": {
             "$ref": "LandingPage"
           },
@@ -1499,7 +1499,7 @@
       "methods": {
         "get": {
           "description": "Gets one advertiser by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertisers/{id}",
+          "flatPath": "userprofiles/{profileId}/advertisers/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.advertisers.get",
           "parameterOrder": [
@@ -1522,7 +1522,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertisers/{id}",
+          "path": "userprofiles/{profileId}/advertisers/{id}",
           "response": {
             "$ref": "Advertiser"
           },
@@ -1532,7 +1532,7 @@
         },
         "insert": {
           "description": "Inserts a new advertiser.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "POST",
           "id": "dfareporting.advertisers.insert",
           "parameterOrder": [
@@ -1547,7 +1547,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "request": {
             "$ref": "Advertiser"
           },
@@ -1560,7 +1560,7 @@
         },
         "list": {
           "description": "Retrieves a list of advertisers, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "GET",
           "id": "dfareporting.advertisers.list",
           "parameterOrder": [
@@ -1672,7 +1672,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "response": {
             "$ref": "AdvertisersListResponse"
           },
@@ -1682,7 +1682,7 @@
         },
         "patch": {
           "description": "Updates an existing advertiser. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "PATCH",
           "id": "dfareporting.advertisers.patch",
           "parameterOrder": [
@@ -1705,7 +1705,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "request": {
             "$ref": "Advertiser"
           },
@@ -1718,7 +1718,7 @@
         },
         "update": {
           "description": "Updates an existing advertiser.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "PUT",
           "id": "dfareporting.advertisers.update",
           "parameterOrder": [
@@ -1733,7 +1733,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "request": {
             "$ref": "Advertiser"
           },
@@ -1750,7 +1750,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of browsers.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/browsers",
+          "flatPath": "userprofiles/{profileId}/browsers",
           "httpMethod": "GET",
           "id": "dfareporting.browsers.list",
           "parameterOrder": [
@@ -1765,7 +1765,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/browsers",
+          "path": "userprofiles/{profileId}/browsers",
           "response": {
             "$ref": "BrowsersListResponse"
           },
@@ -1779,7 +1779,7 @@
       "methods": {
         "insert": {
           "description": "Associates a creative with the specified campaign. This method creates a default ad with dimensions matching the creative in the campaign if such a default ad does not exist already.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "flatPath": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "httpMethod": "POST",
           "id": "dfareporting.campaignCreativeAssociations.insert",
           "parameterOrder": [
@@ -1802,7 +1802,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "path": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "request": {
             "$ref": "CampaignCreativeAssociation"
           },
@@ -1815,7 +1815,7 @@
         },
         "list": {
           "description": "Retrieves the list of creative IDs associated with the specified campaign. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "flatPath": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "httpMethod": "GET",
           "id": "dfareporting.campaignCreativeAssociations.list",
           "parameterOrder": [
@@ -1866,7 +1866,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "path": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "response": {
             "$ref": "CampaignCreativeAssociationsListResponse"
           },
@@ -1880,7 +1880,7 @@
       "methods": {
         "get": {
           "description": "Gets one campaign by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/campaigns/{id}",
+          "flatPath": "userprofiles/{profileId}/campaigns/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.campaigns.get",
           "parameterOrder": [
@@ -1903,7 +1903,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/campaigns/{id}",
+          "path": "userprofiles/{profileId}/campaigns/{id}",
           "response": {
             "$ref": "Campaign"
           },
@@ -1913,7 +1913,7 @@
         },
         "insert": {
           "description": "Inserts a new campaign.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "POST",
           "id": "dfareporting.campaigns.insert",
           "parameterOrder": [
@@ -1928,7 +1928,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "request": {
             "$ref": "Campaign"
           },
@@ -1941,7 +1941,7 @@
         },
         "list": {
           "description": "Retrieves a list of campaigns, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "GET",
           "id": "dfareporting.campaigns.list",
           "parameterOrder": [
@@ -2053,7 +2053,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "response": {
             "$ref": "CampaignsListResponse"
           },
@@ -2063,7 +2063,7 @@
         },
         "patch": {
           "description": "Updates an existing campaign. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "PATCH",
           "id": "dfareporting.campaigns.patch",
           "parameterOrder": [
@@ -2086,7 +2086,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "request": {
             "$ref": "Campaign"
           },
@@ -2099,7 +2099,7 @@
         },
         "update": {
           "description": "Updates an existing campaign.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "PUT",
           "id": "dfareporting.campaigns.update",
           "parameterOrder": [
@@ -2114,7 +2114,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "request": {
             "$ref": "Campaign"
           },
@@ -2131,7 +2131,7 @@
       "methods": {
         "get": {
           "description": "Gets one change log by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/changeLogs/{id}",
+          "flatPath": "userprofiles/{profileId}/changeLogs/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.changeLogs.get",
           "parameterOrder": [
@@ -2154,7 +2154,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/changeLogs/{id}",
+          "path": "userprofiles/{profileId}/changeLogs/{id}",
           "response": {
             "$ref": "ChangeLog"
           },
@@ -2164,7 +2164,7 @@
         },
         "list": {
           "description": "Retrieves a list of change logs. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/changeLogs",
+          "flatPath": "userprofiles/{profileId}/changeLogs",
           "httpMethod": "GET",
           "id": "dfareporting.changeLogs.list",
           "parameterOrder": [
@@ -2363,7 +2363,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/changeLogs",
+          "path": "userprofiles/{profileId}/changeLogs",
           "response": {
             "$ref": "ChangeLogsListResponse"
           },
@@ -2377,7 +2377,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of cities, possibly filtered.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/cities",
+          "flatPath": "userprofiles/{profileId}/cities",
           "httpMethod": "GET",
           "id": "dfareporting.cities.list",
           "parameterOrder": [
@@ -2418,7 +2418,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/cities",
+          "path": "userprofiles/{profileId}/cities",
           "response": {
             "$ref": "CitiesListResponse"
           },
@@ -2432,7 +2432,7 @@
       "methods": {
         "get": {
           "description": "Gets one connection type by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/connectionTypes/{id}",
+          "flatPath": "userprofiles/{profileId}/connectionTypes/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.connectionTypes.get",
           "parameterOrder": [
@@ -2455,7 +2455,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/connectionTypes/{id}",
+          "path": "userprofiles/{profileId}/connectionTypes/{id}",
           "response": {
             "$ref": "ConnectionType"
           },
@@ -2465,7 +2465,7 @@
         },
         "list": {
           "description": "Retrieves a list of connection types.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/connectionTypes",
+          "flatPath": "userprofiles/{profileId}/connectionTypes",
           "httpMethod": "GET",
           "id": "dfareporting.connectionTypes.list",
           "parameterOrder": [
@@ -2480,7 +2480,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/connectionTypes",
+          "path": "userprofiles/{profileId}/connectionTypes",
           "response": {
             "$ref": "ConnectionTypesListResponse"
           },
@@ -2494,7 +2494,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing content category.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories/{id}",
+          "flatPath": "userprofiles/{profileId}/contentCategories/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.contentCategories.delete",
           "parameterOrder": [
@@ -2517,14 +2517,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories/{id}",
+          "path": "userprofiles/{profileId}/contentCategories/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one content category by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories/{id}",
+          "flatPath": "userprofiles/{profileId}/contentCategories/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.contentCategories.get",
           "parameterOrder": [
@@ -2547,7 +2547,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories/{id}",
+          "path": "userprofiles/{profileId}/contentCategories/{id}",
           "response": {
             "$ref": "ContentCategory"
           },
@@ -2557,7 +2557,7 @@
         },
         "insert": {
           "description": "Inserts a new content category.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "POST",
           "id": "dfareporting.contentCategories.insert",
           "parameterOrder": [
@@ -2572,7 +2572,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "request": {
             "$ref": "ContentCategory"
           },
@@ -2585,7 +2585,7 @@
         },
         "list": {
           "description": "Retrieves a list of content categories, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "GET",
           "id": "dfareporting.contentCategories.list",
           "parameterOrder": [
@@ -2654,7 +2654,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "response": {
             "$ref": "ContentCategoriesListResponse"
           },
@@ -2664,7 +2664,7 @@
         },
         "patch": {
           "description": "Updates an existing content category. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "PATCH",
           "id": "dfareporting.contentCategories.patch",
           "parameterOrder": [
@@ -2687,7 +2687,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "request": {
             "$ref": "ContentCategory"
           },
@@ -2700,7 +2700,7 @@
         },
         "update": {
           "description": "Updates an existing content category.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "PUT",
           "id": "dfareporting.contentCategories.update",
           "parameterOrder": [
@@ -2715,7 +2715,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "request": {
             "$ref": "ContentCategory"
           },
@@ -2732,7 +2732,7 @@
       "methods": {
         "batchinsert": {
           "description": "Inserts conversions.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/conversions/batchinsert",
+          "flatPath": "userprofiles/{profileId}/conversions/batchinsert",
           "httpMethod": "POST",
           "id": "dfareporting.conversions.batchinsert",
           "parameterOrder": [
@@ -2747,7 +2747,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/conversions/batchinsert",
+          "path": "userprofiles/{profileId}/conversions/batchinsert",
           "request": {
             "$ref": "ConversionsBatchInsertRequest"
           },
@@ -2760,7 +2760,7 @@
         },
         "batchupdate": {
           "description": "Updates existing conversions.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/conversions/batchupdate",
+          "flatPath": "userprofiles/{profileId}/conversions/batchupdate",
           "httpMethod": "POST",
           "id": "dfareporting.conversions.batchupdate",
           "parameterOrder": [
@@ -2775,7 +2775,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/conversions/batchupdate",
+          "path": "userprofiles/{profileId}/conversions/batchupdate",
           "request": {
             "$ref": "ConversionsBatchUpdateRequest"
           },
@@ -2792,7 +2792,7 @@
       "methods": {
         "get": {
           "description": "Gets one country by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/countries/{dartId}",
+          "flatPath": "userprofiles/{profileId}/countries/{dartId}",
           "httpMethod": "GET",
           "id": "dfareporting.countries.get",
           "parameterOrder": [
@@ -2815,7 +2815,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/countries/{dartId}",
+          "path": "userprofiles/{profileId}/countries/{dartId}",
           "response": {
             "$ref": "Country"
           },
@@ -2825,7 +2825,7 @@
         },
         "list": {
           "description": "Retrieves a list of countries.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/countries",
+          "flatPath": "userprofiles/{profileId}/countries",
           "httpMethod": "GET",
           "id": "dfareporting.countries.list",
           "parameterOrder": [
@@ -2840,7 +2840,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/countries",
+          "path": "userprofiles/{profileId}/countries",
           "response": {
             "$ref": "CountriesListResponse"
           },
@@ -2854,7 +2854,7 @@
       "methods": {
         "insert": {
           "description": "Inserts a new creative asset.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
+          "flatPath": "userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
           "httpMethod": "POST",
           "id": "dfareporting.creativeAssets.insert",
           "mediaUpload": {
@@ -2889,7 +2889,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
+          "path": "userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
           "request": {
             "$ref": "CreativeAssetMetadata"
           },
@@ -2907,7 +2907,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing creative field value.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.creativeFieldValues.delete",
           "parameterOrder": [
@@ -2938,14 +2938,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one creative field value by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFieldValues.get",
           "parameterOrder": [
@@ -2976,7 +2976,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "response": {
             "$ref": "CreativeFieldValue"
           },
@@ -2986,7 +2986,7 @@
         },
         "insert": {
           "description": "Inserts a new creative field value.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "POST",
           "id": "dfareporting.creativeFieldValues.insert",
           "parameterOrder": [
@@ -3009,7 +3009,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "request": {
             "$ref": "CreativeFieldValue"
           },
@@ -3022,7 +3022,7 @@
         },
         "list": {
           "description": "Retrieves a list of creative field values, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFieldValues.list",
           "parameterOrder": [
@@ -3099,7 +3099,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "response": {
             "$ref": "CreativeFieldValuesListResponse"
           },
@@ -3109,7 +3109,7 @@
         },
         "patch": {
           "description": "Updates an existing creative field value. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "PATCH",
           "id": "dfareporting.creativeFieldValues.patch",
           "parameterOrder": [
@@ -3140,7 +3140,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "request": {
             "$ref": "CreativeFieldValue"
           },
@@ -3153,7 +3153,7 @@
         },
         "update": {
           "description": "Updates an existing creative field value.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "PUT",
           "id": "dfareporting.creativeFieldValues.update",
           "parameterOrder": [
@@ -3176,7 +3176,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "request": {
             "$ref": "CreativeFieldValue"
           },
@@ -3193,7 +3193,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing creative field.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.creativeFields.delete",
           "parameterOrder": [
@@ -3216,14 +3216,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one creative field by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFields.get",
           "parameterOrder": [
@@ -3246,7 +3246,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{id}",
           "response": {
             "$ref": "CreativeField"
           },
@@ -3256,7 +3256,7 @@
         },
         "insert": {
           "description": "Inserts a new creative field.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "POST",
           "id": "dfareporting.creativeFields.insert",
           "parameterOrder": [
@@ -3271,7 +3271,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "request": {
             "$ref": "CreativeField"
           },
@@ -3284,7 +3284,7 @@
         },
         "list": {
           "description": "Retrieves a list of creative fields, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFields.list",
           "parameterOrder": [
@@ -3360,7 +3360,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "response": {
             "$ref": "CreativeFieldsListResponse"
           },
@@ -3370,7 +3370,7 @@
         },
         "patch": {
           "description": "Updates an existing creative field. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "PATCH",
           "id": "dfareporting.creativeFields.patch",
           "parameterOrder": [
@@ -3393,7 +3393,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "request": {
             "$ref": "CreativeField"
           },
@@ -3406,7 +3406,7 @@
         },
         "update": {
           "description": "Updates an existing creative field.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "PUT",
           "id": "dfareporting.creativeFields.update",
           "parameterOrder": [
@@ -3421,7 +3421,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "request": {
             "$ref": "CreativeField"
           },
@@ -3438,7 +3438,7 @@
       "methods": {
         "get": {
           "description": "Gets one creative group by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creativeGroups.get",
           "parameterOrder": [
@@ -3461,7 +3461,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups/{id}",
+          "path": "userprofiles/{profileId}/creativeGroups/{id}",
           "response": {
             "$ref": "CreativeGroup"
           },
@@ -3471,7 +3471,7 @@
         },
         "insert": {
           "description": "Inserts a new creative group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "POST",
           "id": "dfareporting.creativeGroups.insert",
           "parameterOrder": [
@@ -3486,7 +3486,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "request": {
             "$ref": "CreativeGroup"
           },
@@ -3499,7 +3499,7 @@
         },
         "list": {
           "description": "Retrieves a list of creative groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "GET",
           "id": "dfareporting.creativeGroups.list",
           "parameterOrder": [
@@ -3583,7 +3583,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "response": {
             "$ref": "CreativeGroupsListResponse"
           },
@@ -3593,7 +3593,7 @@
         },
         "patch": {
           "description": "Updates an existing creative group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.creativeGroups.patch",
           "parameterOrder": [
@@ -3616,7 +3616,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "request": {
             "$ref": "CreativeGroup"
           },
@@ -3629,7 +3629,7 @@
         },
         "update": {
           "description": "Updates an existing creative group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.creativeGroups.update",
           "parameterOrder": [
@@ -3644,7 +3644,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "request": {
             "$ref": "CreativeGroup"
           },
@@ -3661,7 +3661,7 @@
       "methods": {
         "get": {
           "description": "Gets one creative by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creatives/{id}",
+          "flatPath": "userprofiles/{profileId}/creatives/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creatives.get",
           "parameterOrder": [
@@ -3684,7 +3684,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creatives/{id}",
+          "path": "userprofiles/{profileId}/creatives/{id}",
           "response": {
             "$ref": "Creative"
           },
@@ -3694,7 +3694,7 @@
         },
         "insert": {
           "description": "Inserts a new creative.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "POST",
           "id": "dfareporting.creatives.insert",
           "parameterOrder": [
@@ -3709,7 +3709,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "request": {
             "$ref": "Creative"
           },
@@ -3722,7 +3722,7 @@
         },
         "list": {
           "description": "Retrieves a list of creatives, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "GET",
           "id": "dfareporting.creatives.list",
           "parameterOrder": [
@@ -3907,7 +3907,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "response": {
             "$ref": "CreativesListResponse"
           },
@@ -3917,7 +3917,7 @@
         },
         "patch": {
           "description": "Updates an existing creative. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "PATCH",
           "id": "dfareporting.creatives.patch",
           "parameterOrder": [
@@ -3940,7 +3940,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "request": {
             "$ref": "Creative"
           },
@@ -3953,7 +3953,7 @@
         },
         "update": {
           "description": "Updates an existing creative.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "PUT",
           "id": "dfareporting.creatives.update",
           "parameterOrder": [
@@ -3968,7 +3968,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "request": {
             "$ref": "Creative"
           },
@@ -3985,7 +3985,7 @@
       "methods": {
         "query": {
           "description": "Retrieves list of report dimension values for a list of filters.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/dimensionvalues/query",
+          "flatPath": "userprofiles/{profileId}/dimensionvalues/query",
           "httpMethod": "POST",
           "id": "dfareporting.dimensionValues.query",
           "parameterOrder": [
@@ -4014,7 +4014,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/dimensionvalues/query",
+          "path": "userprofiles/{profileId}/dimensionvalues/query",
           "request": {
             "$ref": "DimensionValueRequest"
           },
@@ -4031,7 +4031,7 @@
       "methods": {
         "get": {
           "description": "Gets one directory site by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/directorySites/{id}",
+          "flatPath": "userprofiles/{profileId}/directorySites/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.directorySites.get",
           "parameterOrder": [
@@ -4054,7 +4054,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/directorySites/{id}",
+          "path": "userprofiles/{profileId}/directorySites/{id}",
           "response": {
             "$ref": "DirectorySite"
           },
@@ -4064,7 +4064,7 @@
         },
         "insert": {
           "description": "Inserts a new directory site.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/directorySites",
+          "flatPath": "userprofiles/{profileId}/directorySites",
           "httpMethod": "POST",
           "id": "dfareporting.directorySites.insert",
           "parameterOrder": [
@@ -4079,7 +4079,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/directorySites",
+          "path": "userprofiles/{profileId}/directorySites",
           "request": {
             "$ref": "DirectorySite"
           },
@@ -4092,7 +4092,7 @@
         },
         "list": {
           "description": "Retrieves a list of directory sites, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/directorySites",
+          "flatPath": "userprofiles/{profileId}/directorySites",
           "httpMethod": "GET",
           "id": "dfareporting.directorySites.list",
           "parameterOrder": [
@@ -4186,7 +4186,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/directorySites",
+          "path": "userprofiles/{profileId}/directorySites",
           "response": {
             "$ref": "DirectorySitesListResponse"
           },
@@ -4200,7 +4200,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing dynamic targeting key.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
+          "flatPath": "userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
           "httpMethod": "DELETE",
           "id": "dfareporting.dynamicTargetingKeys.delete",
           "parameterOrder": [
@@ -4249,14 +4249,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
+          "path": "userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "insert": {
           "description": "Inserts a new dynamic targeting key. Keys must be created at the advertiser level before being assigned to the advertiser's ads, creatives, or placements. There is a maximum of 1000 keys per advertiser, out of which a maximum of 20 keys can be assigned per ad, creative, or placement.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/dynamicTargetingKeys",
+          "flatPath": "userprofiles/{profileId}/dynamicTargetingKeys",
           "httpMethod": "POST",
           "id": "dfareporting.dynamicTargetingKeys.insert",
           "parameterOrder": [
@@ -4271,7 +4271,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/dynamicTargetingKeys",
+          "path": "userprofiles/{profileId}/dynamicTargetingKeys",
           "request": {
             "$ref": "DynamicTargetingKey"
           },
@@ -4284,7 +4284,7 @@
         },
         "list": {
           "description": "Retrieves a list of dynamic targeting keys.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/dynamicTargetingKeys",
+          "flatPath": "userprofiles/{profileId}/dynamicTargetingKeys",
           "httpMethod": "GET",
           "id": "dfareporting.dynamicTargetingKeys.list",
           "parameterOrder": [
@@ -4334,7 +4334,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/dynamicTargetingKeys",
+          "path": "userprofiles/{profileId}/dynamicTargetingKeys",
           "response": {
             "$ref": "DynamicTargetingKeysListResponse"
           },
@@ -4348,7 +4348,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing event tag.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/eventTags/{id}",
+          "flatPath": "userprofiles/{profileId}/eventTags/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.eventTags.delete",
           "parameterOrder": [
@@ -4371,14 +4371,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/eventTags/{id}",
+          "path": "userprofiles/{profileId}/eventTags/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one event tag by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/eventTags/{id}",
+          "flatPath": "userprofiles/{profileId}/eventTags/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.eventTags.get",
           "parameterOrder": [
@@ -4401,7 +4401,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/eventTags/{id}",
+          "path": "userprofiles/{profileId}/eventTags/{id}",
           "response": {
             "$ref": "EventTag"
           },
@@ -4411,7 +4411,7 @@
         },
         "insert": {
           "description": "Inserts a new event tag.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "POST",
           "id": "dfareporting.eventTags.insert",
           "parameterOrder": [
@@ -4426,7 +4426,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "request": {
             "$ref": "EventTag"
           },
@@ -4439,7 +4439,7 @@
         },
         "list": {
           "description": "Retrieves a list of event tags, possibly filtered.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "GET",
           "id": "dfareporting.eventTags.list",
           "parameterOrder": [
@@ -4538,7 +4538,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "response": {
             "$ref": "EventTagsListResponse"
           },
@@ -4548,7 +4548,7 @@
         },
         "patch": {
           "description": "Updates an existing event tag. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "PATCH",
           "id": "dfareporting.eventTags.patch",
           "parameterOrder": [
@@ -4571,7 +4571,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "request": {
             "$ref": "EventTag"
           },
@@ -4584,7 +4584,7 @@
         },
         "update": {
           "description": "Updates an existing event tag.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "PUT",
           "id": "dfareporting.eventTags.update",
           "parameterOrder": [
@@ -4599,7 +4599,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "request": {
             "$ref": "EventTag"
           },
@@ -4616,7 +4616,7 @@
       "methods": {
         "get": {
           "description": "Retrieves a report file by its report ID and file ID. This method supports media download.",
-          "flatPath": "dfareporting/v3.5/reports/{reportId}/files/{fileId}",
+          "flatPath": "reports/{reportId}/files/{fileId}",
           "httpMethod": "GET",
           "id": "dfareporting.files.get",
           "parameterOrder": [
@@ -4639,7 +4639,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/reports/{reportId}/files/{fileId}",
+          "path": "reports/{reportId}/files/{fileId}",
           "response": {
             "$ref": "File"
           },
@@ -4650,7 +4650,7 @@
         },
         "list": {
           "description": "Lists files for a user profile.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/files",
+          "flatPath": "userprofiles/{profileId}/files",
           "httpMethod": "GET",
           "id": "dfareporting.files.list",
           "parameterOrder": [
@@ -4723,7 +4723,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/files",
+          "path": "userprofiles/{profileId}/files",
           "response": {
             "$ref": "FileList"
           },
@@ -4737,7 +4737,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing floodlight activity.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.floodlightActivities.delete",
           "parameterOrder": [
@@ -4760,14 +4760,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities/{id}",
+          "path": "userprofiles/{profileId}/floodlightActivities/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "generatetag": {
           "description": "Generates a tag for a floodlight activity.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities/generatetag",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities/generatetag",
           "httpMethod": "POST",
           "id": "dfareporting.floodlightActivities.generatetag",
           "parameterOrder": [
@@ -4788,7 +4788,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities/generatetag",
+          "path": "userprofiles/{profileId}/floodlightActivities/generatetag",
           "response": {
             "$ref": "FloodlightActivitiesGenerateTagResponse"
           },
@@ -4798,7 +4798,7 @@
         },
         "get": {
           "description": "Gets one floodlight activity by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivities.get",
           "parameterOrder": [
@@ -4821,7 +4821,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities/{id}",
+          "path": "userprofiles/{profileId}/floodlightActivities/{id}",
           "response": {
             "$ref": "FloodlightActivity"
           },
@@ -4831,7 +4831,7 @@
         },
         "insert": {
           "description": "Inserts a new floodlight activity.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "POST",
           "id": "dfareporting.floodlightActivities.insert",
           "parameterOrder": [
@@ -4846,7 +4846,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "request": {
             "$ref": "FloodlightActivity"
           },
@@ -4859,7 +4859,7 @@
         },
         "list": {
           "description": "Retrieves a list of floodlight activities, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivities.list",
           "parameterOrder": [
@@ -4975,7 +4975,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "response": {
             "$ref": "FloodlightActivitiesListResponse"
           },
@@ -4985,7 +4985,7 @@
         },
         "patch": {
           "description": "Updates an existing floodlight activity. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "PATCH",
           "id": "dfareporting.floodlightActivities.patch",
           "parameterOrder": [
@@ -5008,7 +5008,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "request": {
             "$ref": "FloodlightActivity"
           },
@@ -5021,7 +5021,7 @@
         },
         "update": {
           "description": "Updates an existing floodlight activity.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "PUT",
           "id": "dfareporting.floodlightActivities.update",
           "parameterOrder": [
@@ -5036,7 +5036,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "request": {
             "$ref": "FloodlightActivity"
           },
@@ -5053,7 +5053,7 @@
       "methods": {
         "get": {
           "description": "Gets one floodlight activity group by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivityGroups.get",
           "parameterOrder": [
@@ -5076,7 +5076,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups/{id}",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups/{id}",
           "response": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5086,7 +5086,7 @@
         },
         "insert": {
           "description": "Inserts a new floodlight activity group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "POST",
           "id": "dfareporting.floodlightActivityGroups.insert",
           "parameterOrder": [
@@ -5101,7 +5101,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "request": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5114,7 +5114,7 @@
         },
         "list": {
           "description": "Retrieves a list of floodlight activity groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivityGroups.list",
           "parameterOrder": [
@@ -5208,7 +5208,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "response": {
             "$ref": "FloodlightActivityGroupsListResponse"
           },
@@ -5218,7 +5218,7 @@
         },
         "patch": {
           "description": "Updates an existing floodlight activity group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.floodlightActivityGroups.patch",
           "parameterOrder": [
@@ -5241,7 +5241,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "request": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5254,7 +5254,7 @@
         },
         "update": {
           "description": "Updates an existing floodlight activity group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.floodlightActivityGroups.update",
           "parameterOrder": [
@@ -5269,7 +5269,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "request": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5286,7 +5286,7 @@
       "methods": {
         "get": {
           "description": "Gets one floodlight configuration by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightConfigurations.get",
           "parameterOrder": [
@@ -5309,7 +5309,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations/{id}",
+          "path": "userprofiles/{profileId}/floodlightConfigurations/{id}",
           "response": {
             "$ref": "FloodlightConfiguration"
           },
@@ -5319,7 +5319,7 @@
         },
         "list": {
           "description": "Retrieves a list of floodlight configurations, possibly filtered.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightConfigurations.list",
           "parameterOrder": [
@@ -5341,7 +5341,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations",
+          "path": "userprofiles/{profileId}/floodlightConfigurations",
           "response": {
             "$ref": "FloodlightConfigurationsListResponse"
           },
@@ -5351,7 +5351,7 @@
         },
         "patch": {
           "description": "Updates an existing floodlight configuration. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations",
           "httpMethod": "PATCH",
           "id": "dfareporting.floodlightConfigurations.patch",
           "parameterOrder": [
@@ -5374,7 +5374,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations",
+          "path": "userprofiles/{profileId}/floodlightConfigurations",
           "request": {
             "$ref": "FloodlightConfiguration"
           },
@@ -5387,7 +5387,7 @@
         },
         "update": {
           "description": "Updates an existing floodlight configuration.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations",
           "httpMethod": "PUT",
           "id": "dfareporting.floodlightConfigurations.update",
           "parameterOrder": [
@@ -5402,7 +5402,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/floodlightConfigurations",
+          "path": "userprofiles/{profileId}/floodlightConfigurations",
           "request": {
             "$ref": "FloodlightConfiguration"
           },
@@ -5419,7 +5419,7 @@
       "methods": {
         "get": {
           "description": "Gets one inventory item by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.inventoryItems.get",
           "parameterOrder": [
@@ -5450,7 +5450,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
+          "path": "userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
           "response": {
             "$ref": "InventoryItem"
           },
@@ -5460,7 +5460,7 @@
         },
         "list": {
           "description": "Retrieves a list of inventory items, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/inventoryItems",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/inventoryItems",
           "httpMethod": "GET",
           "id": "dfareporting.inventoryItems.list",
           "parameterOrder": [
@@ -5564,7 +5564,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/inventoryItems",
+          "path": "userprofiles/{profileId}/projects/{projectId}/inventoryItems",
           "response": {
             "$ref": "InventoryItemsListResponse"
           },
@@ -5578,7 +5578,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of languages.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/languages",
+          "flatPath": "userprofiles/{profileId}/languages",
           "httpMethod": "GET",
           "id": "dfareporting.languages.list",
           "parameterOrder": [
@@ -5593,7 +5593,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/languages",
+          "path": "userprofiles/{profileId}/languages",
           "response": {
             "$ref": "LanguagesListResponse"
           },
@@ -5607,7 +5607,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of metros.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/metros",
+          "flatPath": "userprofiles/{profileId}/metros",
           "httpMethod": "GET",
           "id": "dfareporting.metros.list",
           "parameterOrder": [
@@ -5622,7 +5622,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/metros",
+          "path": "userprofiles/{profileId}/metros",
           "response": {
             "$ref": "MetrosListResponse"
           },
@@ -5636,7 +5636,7 @@
       "methods": {
         "get": {
           "description": "Gets one mobile app by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/mobileApps/{id}",
+          "flatPath": "userprofiles/{profileId}/mobileApps/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.mobileApps.get",
           "parameterOrder": [
@@ -5658,7 +5658,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/mobileApps/{id}",
+          "path": "userprofiles/{profileId}/mobileApps/{id}",
           "response": {
             "$ref": "MobileApp"
           },
@@ -5668,7 +5668,7 @@
         },
         "list": {
           "description": "Retrieves list of available mobile apps.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/mobileApps",
+          "flatPath": "userprofiles/{profileId}/mobileApps",
           "httpMethod": "GET",
           "id": "dfareporting.mobileApps.list",
           "parameterOrder": [
@@ -5740,7 +5740,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/mobileApps",
+          "path": "userprofiles/{profileId}/mobileApps",
           "response": {
             "$ref": "MobileAppsListResponse"
           },
@@ -5754,7 +5754,7 @@
       "methods": {
         "get": {
           "description": "Gets one mobile carrier by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/mobileCarriers/{id}",
+          "flatPath": "userprofiles/{profileId}/mobileCarriers/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.mobileCarriers.get",
           "parameterOrder": [
@@ -5777,7 +5777,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/mobileCarriers/{id}",
+          "path": "userprofiles/{profileId}/mobileCarriers/{id}",
           "response": {
             "$ref": "MobileCarrier"
           },
@@ -5787,7 +5787,7 @@
         },
         "list": {
           "description": "Retrieves a list of mobile carriers.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/mobileCarriers",
+          "flatPath": "userprofiles/{profileId}/mobileCarriers",
           "httpMethod": "GET",
           "id": "dfareporting.mobileCarriers.list",
           "parameterOrder": [
@@ -5802,7 +5802,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/mobileCarriers",
+          "path": "userprofiles/{profileId}/mobileCarriers",
           "response": {
             "$ref": "MobileCarriersListResponse"
           },
@@ -5816,7 +5816,7 @@
       "methods": {
         "get": {
           "description": "Gets one operating system version by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystemVersions/{id}",
+          "flatPath": "userprofiles/{profileId}/operatingSystemVersions/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystemVersions.get",
           "parameterOrder": [
@@ -5839,7 +5839,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystemVersions/{id}",
+          "path": "userprofiles/{profileId}/operatingSystemVersions/{id}",
           "response": {
             "$ref": "OperatingSystemVersion"
           },
@@ -5849,7 +5849,7 @@
         },
         "list": {
           "description": "Retrieves a list of operating system versions.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystemVersions",
+          "flatPath": "userprofiles/{profileId}/operatingSystemVersions",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystemVersions.list",
           "parameterOrder": [
@@ -5864,7 +5864,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystemVersions",
+          "path": "userprofiles/{profileId}/operatingSystemVersions",
           "response": {
             "$ref": "OperatingSystemVersionsListResponse"
           },
@@ -5878,7 +5878,7 @@
       "methods": {
         "get": {
           "description": "Gets one operating system by DART ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystems/{dartId}",
+          "flatPath": "userprofiles/{profileId}/operatingSystems/{dartId}",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystems.get",
           "parameterOrder": [
@@ -5901,7 +5901,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystems/{dartId}",
+          "path": "userprofiles/{profileId}/operatingSystems/{dartId}",
           "response": {
             "$ref": "OperatingSystem"
           },
@@ -5911,7 +5911,7 @@
         },
         "list": {
           "description": "Retrieves a list of operating systems.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystems",
+          "flatPath": "userprofiles/{profileId}/operatingSystems",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystems.list",
           "parameterOrder": [
@@ -5926,7 +5926,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/operatingSystems",
+          "path": "userprofiles/{profileId}/operatingSystems",
           "response": {
             "$ref": "OperatingSystemsListResponse"
           },
@@ -5940,7 +5940,7 @@
       "methods": {
         "get": {
           "description": "Gets one order document by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.orderDocuments.get",
           "parameterOrder": [
@@ -5971,7 +5971,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
           "response": {
             "$ref": "OrderDocument"
           },
@@ -5981,7 +5981,7 @@
         },
         "list": {
           "description": "Retrieves a list of order documents, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orderDocuments",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orderDocuments",
           "httpMethod": "GET",
           "id": "dfareporting.orderDocuments.list",
           "parameterOrder": [
@@ -6077,7 +6077,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orderDocuments",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orderDocuments",
           "response": {
             "$ref": "OrderDocumentsListResponse"
           },
@@ -6091,7 +6091,7 @@
       "methods": {
         "get": {
           "description": "Gets one order by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orders/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orders/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.orders.get",
           "parameterOrder": [
@@ -6122,7 +6122,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orders/{id}",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orders/{id}",
           "response": {
             "$ref": "Order"
           },
@@ -6132,7 +6132,7 @@
         },
         "list": {
           "description": "Retrieves a list of orders, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orders",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orders",
           "httpMethod": "GET",
           "id": "dfareporting.orders.list",
           "parameterOrder": [
@@ -6216,7 +6216,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects/{projectId}/orders",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orders",
           "response": {
             "$ref": "OrdersListResponse"
           },
@@ -6230,7 +6230,7 @@
       "methods": {
         "get": {
           "description": "Gets one placement group by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/placementGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.placementGroups.get",
           "parameterOrder": [
@@ -6253,7 +6253,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups/{id}",
+          "path": "userprofiles/{profileId}/placementGroups/{id}",
           "response": {
             "$ref": "PlacementGroup"
           },
@@ -6263,7 +6263,7 @@
         },
         "insert": {
           "description": "Inserts a new placement group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "POST",
           "id": "dfareporting.placementGroups.insert",
           "parameterOrder": [
@@ -6278,7 +6278,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "request": {
             "$ref": "PlacementGroup"
           },
@@ -6291,7 +6291,7 @@
         },
         "list": {
           "description": "Retrieves a list of placement groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "GET",
           "id": "dfareporting.placementGroups.list",
           "parameterOrder": [
@@ -6462,7 +6462,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "response": {
             "$ref": "PlacementGroupsListResponse"
           },
@@ -6472,7 +6472,7 @@
         },
         "patch": {
           "description": "Updates an existing placement group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.placementGroups.patch",
           "parameterOrder": [
@@ -6495,7 +6495,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "request": {
             "$ref": "PlacementGroup"
           },
@@ -6508,7 +6508,7 @@
         },
         "update": {
           "description": "Updates an existing placement group.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.placementGroups.update",
           "parameterOrder": [
@@ -6523,7 +6523,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "request": {
             "$ref": "PlacementGroup"
           },
@@ -6540,7 +6540,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing placement strategy.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies/{id}",
+          "flatPath": "userprofiles/{profileId}/placementStrategies/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.placementStrategies.delete",
           "parameterOrder": [
@@ -6563,14 +6563,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies/{id}",
+          "path": "userprofiles/{profileId}/placementStrategies/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one placement strategy by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies/{id}",
+          "flatPath": "userprofiles/{profileId}/placementStrategies/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.placementStrategies.get",
           "parameterOrder": [
@@ -6593,7 +6593,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies/{id}",
+          "path": "userprofiles/{profileId}/placementStrategies/{id}",
           "response": {
             "$ref": "PlacementStrategy"
           },
@@ -6603,7 +6603,7 @@
         },
         "insert": {
           "description": "Inserts a new placement strategy.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "POST",
           "id": "dfareporting.placementStrategies.insert",
           "parameterOrder": [
@@ -6618,7 +6618,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "request": {
             "$ref": "PlacementStrategy"
           },
@@ -6631,7 +6631,7 @@
         },
         "list": {
           "description": "Retrieves a list of placement strategies, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "GET",
           "id": "dfareporting.placementStrategies.list",
           "parameterOrder": [
@@ -6700,7 +6700,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "response": {
             "$ref": "PlacementStrategiesListResponse"
           },
@@ -6710,7 +6710,7 @@
         },
         "patch": {
           "description": "Updates an existing placement strategy. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "PATCH",
           "id": "dfareporting.placementStrategies.patch",
           "parameterOrder": [
@@ -6733,7 +6733,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "request": {
             "$ref": "PlacementStrategy"
           },
@@ -6746,7 +6746,7 @@
         },
         "update": {
           "description": "Updates an existing placement strategy.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "PUT",
           "id": "dfareporting.placementStrategies.update",
           "parameterOrder": [
@@ -6761,7 +6761,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "request": {
             "$ref": "PlacementStrategy"
           },
@@ -6778,7 +6778,7 @@
       "methods": {
         "generatetags": {
           "description": "Generates tags for a placement.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placements/generatetags",
+          "flatPath": "userprofiles/{profileId}/placements/generatetags",
           "httpMethod": "POST",
           "id": "dfareporting.placements.generatetags",
           "parameterOrder": [
@@ -6856,7 +6856,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placements/generatetags",
+          "path": "userprofiles/{profileId}/placements/generatetags",
           "response": {
             "$ref": "PlacementsGenerateTagsResponse"
           },
@@ -6866,7 +6866,7 @@
         },
         "get": {
           "description": "Gets one placement by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placements/{id}",
+          "flatPath": "userprofiles/{profileId}/placements/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.placements.get",
           "parameterOrder": [
@@ -6889,7 +6889,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placements/{id}",
+          "path": "userprofiles/{profileId}/placements/{id}",
           "response": {
             "$ref": "Placement"
           },
@@ -6899,7 +6899,7 @@
         },
         "insert": {
           "description": "Inserts a new placement.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "POST",
           "id": "dfareporting.placements.insert",
           "parameterOrder": [
@@ -6914,7 +6914,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "request": {
             "$ref": "Placement"
           },
@@ -6927,7 +6927,7 @@
         },
         "list": {
           "description": "Retrieves a list of placements, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "GET",
           "id": "dfareporting.placements.list",
           "parameterOrder": [
@@ -7134,7 +7134,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "response": {
             "$ref": "PlacementsListResponse"
           },
@@ -7144,7 +7144,7 @@
         },
         "patch": {
           "description": "Updates an existing placement. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "PATCH",
           "id": "dfareporting.placements.patch",
           "parameterOrder": [
@@ -7167,7 +7167,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "request": {
             "$ref": "Placement"
           },
@@ -7180,7 +7180,7 @@
         },
         "update": {
           "description": "Updates an existing placement.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "PUT",
           "id": "dfareporting.placements.update",
           "parameterOrder": [
@@ -7195,7 +7195,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "request": {
             "$ref": "Placement"
           },
@@ -7212,7 +7212,7 @@
       "methods": {
         "get": {
           "description": "Gets one platform type by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/platformTypes/{id}",
+          "flatPath": "userprofiles/{profileId}/platformTypes/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.platformTypes.get",
           "parameterOrder": [
@@ -7235,7 +7235,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/platformTypes/{id}",
+          "path": "userprofiles/{profileId}/platformTypes/{id}",
           "response": {
             "$ref": "PlatformType"
           },
@@ -7245,7 +7245,7 @@
         },
         "list": {
           "description": "Retrieves a list of platform types.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/platformTypes",
+          "flatPath": "userprofiles/{profileId}/platformTypes",
           "httpMethod": "GET",
           "id": "dfareporting.platformTypes.list",
           "parameterOrder": [
@@ -7260,7 +7260,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/platformTypes",
+          "path": "userprofiles/{profileId}/platformTypes",
           "response": {
             "$ref": "PlatformTypesListResponse"
           },
@@ -7274,7 +7274,7 @@
       "methods": {
         "get": {
           "description": "Gets one postal code by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/postalCodes/{code}",
+          "flatPath": "userprofiles/{profileId}/postalCodes/{code}",
           "httpMethod": "GET",
           "id": "dfareporting.postalCodes.get",
           "parameterOrder": [
@@ -7296,7 +7296,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/postalCodes/{code}",
+          "path": "userprofiles/{profileId}/postalCodes/{code}",
           "response": {
             "$ref": "PostalCode"
           },
@@ -7306,7 +7306,7 @@
         },
         "list": {
           "description": "Retrieves a list of postal codes.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/postalCodes",
+          "flatPath": "userprofiles/{profileId}/postalCodes",
           "httpMethod": "GET",
           "id": "dfareporting.postalCodes.list",
           "parameterOrder": [
@@ -7321,7 +7321,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/postalCodes",
+          "path": "userprofiles/{profileId}/postalCodes",
           "response": {
             "$ref": "PostalCodesListResponse"
           },
@@ -7335,7 +7335,7 @@
       "methods": {
         "get": {
           "description": "Gets one project by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.projects.get",
           "parameterOrder": [
@@ -7358,7 +7358,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects/{id}",
+          "path": "userprofiles/{profileId}/projects/{id}",
           "response": {
             "$ref": "Project"
           },
@@ -7368,7 +7368,7 @@
         },
         "list": {
           "description": "Retrieves a list of projects, possibly filtered. This method supports paging .",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/projects",
+          "flatPath": "userprofiles/{profileId}/projects",
           "httpMethod": "GET",
           "id": "dfareporting.projects.list",
           "parameterOrder": [
@@ -7444,7 +7444,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/projects",
+          "path": "userprofiles/{profileId}/projects",
           "response": {
             "$ref": "ProjectsListResponse"
           },
@@ -7458,7 +7458,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of regions.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/regions",
+          "flatPath": "userprofiles/{profileId}/regions",
           "httpMethod": "GET",
           "id": "dfareporting.regions.list",
           "parameterOrder": [
@@ -7473,7 +7473,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/regions",
+          "path": "userprofiles/{profileId}/regions",
           "response": {
             "$ref": "RegionsListResponse"
           },
@@ -7487,7 +7487,7 @@
       "methods": {
         "get": {
           "description": "Gets one remarketing list share by remarketing list ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
+          "flatPath": "userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
           "httpMethod": "GET",
           "id": "dfareporting.remarketingListShares.get",
           "parameterOrder": [
@@ -7510,7 +7510,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
+          "path": "userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
           "response": {
             "$ref": "RemarketingListShare"
           },
@@ -7520,7 +7520,7 @@
         },
         "patch": {
           "description": "Updates an existing remarketing list share. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingListShares",
+          "flatPath": "userprofiles/{profileId}/remarketingListShares",
           "httpMethod": "PATCH",
           "id": "dfareporting.remarketingListShares.patch",
           "parameterOrder": [
@@ -7543,7 +7543,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingListShares",
+          "path": "userprofiles/{profileId}/remarketingListShares",
           "request": {
             "$ref": "RemarketingListShare"
           },
@@ -7556,7 +7556,7 @@
         },
         "update": {
           "description": "Updates an existing remarketing list share.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingListShares",
+          "flatPath": "userprofiles/{profileId}/remarketingListShares",
           "httpMethod": "PUT",
           "id": "dfareporting.remarketingListShares.update",
           "parameterOrder": [
@@ -7571,7 +7571,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingListShares",
+          "path": "userprofiles/{profileId}/remarketingListShares",
           "request": {
             "$ref": "RemarketingListShare"
           },
@@ -7588,7 +7588,7 @@
       "methods": {
         "get": {
           "description": "Gets one remarketing list by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists/{id}",
+          "flatPath": "userprofiles/{profileId}/remarketingLists/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.remarketingLists.get",
           "parameterOrder": [
@@ -7611,7 +7611,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists/{id}",
+          "path": "userprofiles/{profileId}/remarketingLists/{id}",
           "response": {
             "$ref": "RemarketingList"
           },
@@ -7621,7 +7621,7 @@
         },
         "insert": {
           "description": "Inserts a new remarketing list.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "POST",
           "id": "dfareporting.remarketingLists.insert",
           "parameterOrder": [
@@ -7636,7 +7636,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "request": {
             "$ref": "RemarketingList"
           },
@@ -7649,7 +7649,7 @@
         },
         "list": {
           "description": "Retrieves a list of remarketing lists, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "GET",
           "id": "dfareporting.remarketingLists.list",
           "parameterOrder": [
@@ -7730,7 +7730,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "response": {
             "$ref": "RemarketingListsListResponse"
           },
@@ -7740,7 +7740,7 @@
         },
         "patch": {
           "description": "Updates an existing remarketing list. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "PATCH",
           "id": "dfareporting.remarketingLists.patch",
           "parameterOrder": [
@@ -7763,7 +7763,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "request": {
             "$ref": "RemarketingList"
           },
@@ -7776,7 +7776,7 @@
         },
         "update": {
           "description": "Updates an existing remarketing list.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "PUT",
           "id": "dfareporting.remarketingLists.update",
           "parameterOrder": [
@@ -7791,7 +7791,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "request": {
             "$ref": "RemarketingList"
           },
@@ -7808,7 +7808,7 @@
       "methods": {
         "delete": {
           "description": "Deletes a report by its ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "DELETE",
           "id": "dfareporting.reports.delete",
           "parameterOrder": [
@@ -7831,14 +7831,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "scopes": [
             "https://www.googleapis.com/auth/dfareporting"
           ]
         },
         "get": {
           "description": "Retrieves a report by its ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "GET",
           "id": "dfareporting.reports.get",
           "parameterOrder": [
@@ -7861,7 +7861,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "response": {
             "$ref": "Report"
           },
@@ -7871,7 +7871,7 @@
         },
         "insert": {
           "description": "Creates a report.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports",
+          "flatPath": "userprofiles/{profileId}/reports",
           "httpMethod": "POST",
           "id": "dfareporting.reports.insert",
           "parameterOrder": [
@@ -7886,7 +7886,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/reports",
+          "path": "userprofiles/{profileId}/reports",
           "request": {
             "$ref": "Report"
           },
@@ -7899,7 +7899,7 @@
         },
         "list": {
           "description": "Retrieves list of reports.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports",
+          "flatPath": "userprofiles/{profileId}/reports",
           "httpMethod": "GET",
           "id": "dfareporting.reports.list",
           "parameterOrder": [
@@ -7972,7 +7972,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/reports",
+          "path": "userprofiles/{profileId}/reports",
           "response": {
             "$ref": "ReportList"
           },
@@ -7982,7 +7982,7 @@
         },
         "patch": {
           "description": "Updates an existing report. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "PATCH",
           "id": "dfareporting.reports.patch",
           "parameterOrder": [
@@ -8005,7 +8005,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "request": {
             "$ref": "Report"
           },
@@ -8018,7 +8018,7 @@
         },
         "run": {
           "description": "Runs a report.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}/run",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}/run",
           "httpMethod": "POST",
           "id": "dfareporting.reports.run",
           "parameterOrder": [
@@ -8047,7 +8047,7 @@
               "type": "boolean"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}/run",
+          "path": "userprofiles/{profileId}/reports/{reportId}/run",
           "response": {
             "$ref": "File"
           },
@@ -8057,7 +8057,7 @@
         },
         "update": {
           "description": "Updates a report.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "PUT",
           "id": "dfareporting.reports.update",
           "parameterOrder": [
@@ -8080,7 +8080,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "request": {
             "$ref": "Report"
           },
@@ -8097,7 +8097,7 @@
           "methods": {
             "query": {
               "description": "Returns the fields that are compatible to be selected in the respective sections of a report criteria, given the fields already selected in the input report and user permissions.",
-              "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/compatiblefields/query",
+              "flatPath": "userprofiles/{profileId}/reports/compatiblefields/query",
               "httpMethod": "POST",
               "id": "dfareporting.reports.compatibleFields.query",
               "parameterOrder": [
@@ -8112,7 +8112,7 @@
                   "type": "string"
                 }
               },
-              "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/compatiblefields/query",
+              "path": "userprofiles/{profileId}/reports/compatiblefields/query",
               "request": {
                 "$ref": "Report"
               },
@@ -8129,7 +8129,7 @@
           "methods": {
             "get": {
               "description": "Retrieves a report file by its report ID and file ID. This method supports media download.",
-              "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
+              "flatPath": "userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
               "httpMethod": "GET",
               "id": "dfareporting.reports.files.get",
               "parameterOrder": [
@@ -8160,7 +8160,7 @@
                   "type": "string"
                 }
               },
-              "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
+              "path": "userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
               "response": {
                 "$ref": "File"
               },
@@ -8171,7 +8171,7 @@
             },
             "list": {
               "description": "Lists files for a report.",
-              "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}/files",
+              "flatPath": "userprofiles/{profileId}/reports/{reportId}/files",
               "httpMethod": "GET",
               "id": "dfareporting.reports.files.list",
               "parameterOrder": [
@@ -8236,7 +8236,7 @@
                   "type": "string"
                 }
               },
-              "path": "dfareporting/v3.5/userprofiles/{profileId}/reports/{reportId}/files",
+              "path": "userprofiles/{profileId}/reports/{reportId}/files",
               "response": {
                 "$ref": "FileList"
               },
@@ -8252,7 +8252,7 @@
       "methods": {
         "get": {
           "description": "Gets one site by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sites/{id}",
+          "flatPath": "userprofiles/{profileId}/sites/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.sites.get",
           "parameterOrder": [
@@ -8275,7 +8275,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sites/{id}",
+          "path": "userprofiles/{profileId}/sites/{id}",
           "response": {
             "$ref": "Site"
           },
@@ -8285,7 +8285,7 @@
         },
         "insert": {
           "description": "Inserts a new site.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "POST",
           "id": "dfareporting.sites.insert",
           "parameterOrder": [
@@ -8300,7 +8300,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "request": {
             "$ref": "Site"
           },
@@ -8313,7 +8313,7 @@
         },
         "list": {
           "description": "Retrieves a list of sites, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "GET",
           "id": "dfareporting.sites.list",
           "parameterOrder": [
@@ -8432,7 +8432,7 @@
               "type": "boolean"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "response": {
             "$ref": "SitesListResponse"
           },
@@ -8442,7 +8442,7 @@
         },
         "patch": {
           "description": "Updates an existing site. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "PATCH",
           "id": "dfareporting.sites.patch",
           "parameterOrder": [
@@ -8465,7 +8465,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "request": {
             "$ref": "Site"
           },
@@ -8478,7 +8478,7 @@
         },
         "update": {
           "description": "Updates an existing site.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "PUT",
           "id": "dfareporting.sites.update",
           "parameterOrder": [
@@ -8493,7 +8493,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "request": {
             "$ref": "Site"
           },
@@ -8510,7 +8510,7 @@
       "methods": {
         "get": {
           "description": "Gets one size by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sizes/{id}",
+          "flatPath": "userprofiles/{profileId}/sizes/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.sizes.get",
           "parameterOrder": [
@@ -8533,7 +8533,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sizes/{id}",
+          "path": "userprofiles/{profileId}/sizes/{id}",
           "response": {
             "$ref": "Size"
           },
@@ -8543,7 +8543,7 @@
         },
         "insert": {
           "description": "Inserts a new size.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sizes",
+          "flatPath": "userprofiles/{profileId}/sizes",
           "httpMethod": "POST",
           "id": "dfareporting.sizes.insert",
           "parameterOrder": [
@@ -8558,7 +8558,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sizes",
+          "path": "userprofiles/{profileId}/sizes",
           "request": {
             "$ref": "Size"
           },
@@ -8571,7 +8571,7 @@
         },
         "list": {
           "description": "Retrieves a list of sizes, possibly filtered. Retrieved sizes are globally unique and may include values not currently in use by your account. Due to this, the list of sizes returned by this method may differ from the list seen in the Trafficking UI.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/sizes",
+          "flatPath": "userprofiles/{profileId}/sizes",
           "httpMethod": "GET",
           "id": "dfareporting.sizes.list",
           "parameterOrder": [
@@ -8614,7 +8614,7 @@
               "type": "integer"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/sizes",
+          "path": "userprofiles/{profileId}/sizes",
           "response": {
             "$ref": "SizesListResponse"
           },
@@ -8628,7 +8628,7 @@
       "methods": {
         "get": {
           "description": "Gets one subaccount by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts/{id}",
+          "flatPath": "userprofiles/{profileId}/subaccounts/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.subaccounts.get",
           "parameterOrder": [
@@ -8651,7 +8651,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts/{id}",
+          "path": "userprofiles/{profileId}/subaccounts/{id}",
           "response": {
             "$ref": "Subaccount"
           },
@@ -8661,7 +8661,7 @@
         },
         "insert": {
           "description": "Inserts a new subaccount.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "POST",
           "id": "dfareporting.subaccounts.insert",
           "parameterOrder": [
@@ -8676,7 +8676,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "request": {
             "$ref": "Subaccount"
           },
@@ -8689,7 +8689,7 @@
         },
         "list": {
           "description": "Gets a list of subaccounts, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "GET",
           "id": "dfareporting.subaccounts.list",
           "parameterOrder": [
@@ -8758,7 +8758,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "response": {
             "$ref": "SubaccountsListResponse"
           },
@@ -8768,7 +8768,7 @@
         },
         "patch": {
           "description": "Updates an existing subaccount. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "PATCH",
           "id": "dfareporting.subaccounts.patch",
           "parameterOrder": [
@@ -8791,7 +8791,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "request": {
             "$ref": "Subaccount"
           },
@@ -8804,7 +8804,7 @@
         },
         "update": {
           "description": "Updates an existing subaccount.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "PUT",
           "id": "dfareporting.subaccounts.update",
           "parameterOrder": [
@@ -8819,7 +8819,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "request": {
             "$ref": "Subaccount"
           },
@@ -8836,7 +8836,7 @@
       "methods": {
         "get": {
           "description": "Gets one remarketing list by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/targetableRemarketingLists/{id}",
+          "flatPath": "userprofiles/{profileId}/targetableRemarketingLists/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.targetableRemarketingLists.get",
           "parameterOrder": [
@@ -8859,7 +8859,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/targetableRemarketingLists/{id}",
+          "path": "userprofiles/{profileId}/targetableRemarketingLists/{id}",
           "response": {
             "$ref": "TargetableRemarketingList"
           },
@@ -8869,7 +8869,7 @@
         },
         "list": {
           "description": "Retrieves a list of targetable remarketing lists, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/targetableRemarketingLists",
+          "flatPath": "userprofiles/{profileId}/targetableRemarketingLists",
           "httpMethod": "GET",
           "id": "dfareporting.targetableRemarketingLists.list",
           "parameterOrder": [
@@ -8944,7 +8944,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/targetableRemarketingLists",
+          "path": "userprofiles/{profileId}/targetableRemarketingLists",
           "response": {
             "$ref": "TargetableRemarketingListsListResponse"
           },
@@ -8958,7 +8958,7 @@
       "methods": {
         "get": {
           "description": "Gets one targeting template by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates/{id}",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.targetingTemplates.get",
           "parameterOrder": [
@@ -8981,7 +8981,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates/{id}",
+          "path": "userprofiles/{profileId}/targetingTemplates/{id}",
           "response": {
             "$ref": "TargetingTemplate"
           },
@@ -8991,7 +8991,7 @@
         },
         "insert": {
           "description": "Inserts a new targeting template.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "POST",
           "id": "dfareporting.targetingTemplates.insert",
           "parameterOrder": [
@@ -9006,7 +9006,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "request": {
             "$ref": "TargetingTemplate"
           },
@@ -9019,7 +9019,7 @@
         },
         "list": {
           "description": "Retrieves a list of targeting templates, optionally filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "GET",
           "id": "dfareporting.targetingTemplates.list",
           "parameterOrder": [
@@ -9094,7 +9094,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "response": {
             "$ref": "TargetingTemplatesListResponse"
           },
@@ -9104,7 +9104,7 @@
         },
         "patch": {
           "description": "Updates an existing targeting template. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "PATCH",
           "id": "dfareporting.targetingTemplates.patch",
           "parameterOrder": [
@@ -9127,7 +9127,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "request": {
             "$ref": "TargetingTemplate"
           },
@@ -9140,7 +9140,7 @@
         },
         "update": {
           "description": "Updates an existing targeting template.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "PUT",
           "id": "dfareporting.targetingTemplates.update",
           "parameterOrder": [
@@ -9155,7 +9155,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "request": {
             "$ref": "TargetingTemplate"
           },
@@ -9172,7 +9172,7 @@
       "methods": {
         "get": {
           "description": "Gets one user profile by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}",
+          "flatPath": "userprofiles/{profileId}",
           "httpMethod": "GET",
           "id": "dfareporting.userProfiles.get",
           "parameterOrder": [
@@ -9187,7 +9187,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}",
+          "path": "userprofiles/{profileId}",
           "response": {
             "$ref": "UserProfile"
           },
@@ -9199,12 +9199,12 @@
         },
         "list": {
           "description": "Retrieves list of user profiles for a user.",
-          "flatPath": "dfareporting/v3.5/userprofiles",
+          "flatPath": "userprofiles",
           "httpMethod": "GET",
           "id": "dfareporting.userProfiles.list",
           "parameterOrder": [],
           "parameters": {},
-          "path": "dfareporting/v3.5/userprofiles",
+          "path": "userprofiles",
           "response": {
             "$ref": "UserProfileList"
           },
@@ -9220,7 +9220,7 @@
       "methods": {
         "get": {
           "description": "Gets one user role permission group by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissionGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/userRolePermissionGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissionGroups.get",
           "parameterOrder": [
@@ -9243,7 +9243,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissionGroups/{id}",
+          "path": "userprofiles/{profileId}/userRolePermissionGroups/{id}",
           "response": {
             "$ref": "UserRolePermissionGroup"
           },
@@ -9253,7 +9253,7 @@
         },
         "list": {
           "description": "Gets a list of all supported user role permission groups.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissionGroups",
+          "flatPath": "userprofiles/{profileId}/userRolePermissionGroups",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissionGroups.list",
           "parameterOrder": [
@@ -9268,7 +9268,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissionGroups",
+          "path": "userprofiles/{profileId}/userRolePermissionGroups",
           "response": {
             "$ref": "UserRolePermissionGroupsListResponse"
           },
@@ -9282,7 +9282,7 @@
       "methods": {
         "get": {
           "description": "Gets one user role permission by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissions/{id}",
+          "flatPath": "userprofiles/{profileId}/userRolePermissions/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissions.get",
           "parameterOrder": [
@@ -9305,7 +9305,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissions/{id}",
+          "path": "userprofiles/{profileId}/userRolePermissions/{id}",
           "response": {
             "$ref": "UserRolePermission"
           },
@@ -9315,7 +9315,7 @@
         },
         "list": {
           "description": "Gets a list of user role permissions, possibly filtered.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissions",
+          "flatPath": "userprofiles/{profileId}/userRolePermissions",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissions.list",
           "parameterOrder": [
@@ -9337,7 +9337,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRolePermissions",
+          "path": "userprofiles/{profileId}/userRolePermissions",
           "response": {
             "$ref": "UserRolePermissionsListResponse"
           },
@@ -9351,7 +9351,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing user role.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRoles/{id}",
+          "flatPath": "userprofiles/{profileId}/userRoles/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.userRoles.delete",
           "parameterOrder": [
@@ -9374,14 +9374,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRoles/{id}",
+          "path": "userprofiles/{profileId}/userRoles/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one user role by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRoles/{id}",
+          "flatPath": "userprofiles/{profileId}/userRoles/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.userRoles.get",
           "parameterOrder": [
@@ -9404,7 +9404,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRoles/{id}",
+          "path": "userprofiles/{profileId}/userRoles/{id}",
           "response": {
             "$ref": "UserRole"
           },
@@ -9414,7 +9414,7 @@
         },
         "insert": {
           "description": "Inserts a new user role.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "POST",
           "id": "dfareporting.userRoles.insert",
           "parameterOrder": [
@@ -9429,7 +9429,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "request": {
             "$ref": "UserRole"
           },
@@ -9442,7 +9442,7 @@
         },
         "list": {
           "description": "Retrieves a list of user roles, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "GET",
           "id": "dfareporting.userRoles.list",
           "parameterOrder": [
@@ -9522,7 +9522,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "response": {
             "$ref": "UserRolesListResponse"
           },
@@ -9532,7 +9532,7 @@
         },
         "patch": {
           "description": "Updates an existing user role. This method supports patch semantics.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "PATCH",
           "id": "dfareporting.userRoles.patch",
           "parameterOrder": [
@@ -9555,7 +9555,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "request": {
             "$ref": "UserRole"
           },
@@ -9568,7 +9568,7 @@
         },
         "update": {
           "description": "Updates an existing user role.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "PUT",
           "id": "dfareporting.userRoles.update",
           "parameterOrder": [
@@ -9583,7 +9583,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "request": {
             "$ref": "UserRole"
           },
@@ -9600,7 +9600,7 @@
       "methods": {
         "get": {
           "description": "Gets one video format by ID.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/videoFormats/{id}",
+          "flatPath": "userprofiles/{profileId}/videoFormats/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.videoFormats.get",
           "parameterOrder": [
@@ -9623,7 +9623,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/videoFormats/{id}",
+          "path": "userprofiles/{profileId}/videoFormats/{id}",
           "response": {
             "$ref": "VideoFormat"
           },
@@ -9633,7 +9633,7 @@
         },
         "list": {
           "description": "Lists available video formats.",
-          "flatPath": "dfareporting/v3.5/userprofiles/{profileId}/videoFormats",
+          "flatPath": "userprofiles/{profileId}/videoFormats",
           "httpMethod": "GET",
           "id": "dfareporting.videoFormats.list",
           "parameterOrder": [
@@ -9648,7 +9648,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v3.5/userprofiles/{profileId}/videoFormats",
+          "path": "userprofiles/{profileId}/videoFormats",
           "response": {
             "$ref": "VideoFormatsListResponse"
           },
@@ -9659,7 +9659,7 @@
       }
     }
   },
-  "revision": "20220628",
+  "revision": "20220815",
   "rootUrl": "https://dfareporting.googleapis.com/",
   "schemas": {
     "Account": {
@@ -20598,7 +20598,7 @@
       "type": "object"
     }
   },
-  "servicePath": "",
+  "servicePath": "dfareporting/v3.5/",
   "title": "Campaign Manager 360 API",
   "version": "v3.5"
 }
\ No newline at end of file
diff --git a/googleapiclient/discovery_cache/documents/dfareporting.v4.json b/googleapiclient/discovery_cache/documents/dfareporting.v4.json
index e236fa1a736..3f89839434b 100644
--- a/googleapiclient/discovery_cache/documents/dfareporting.v4.json
+++ b/googleapiclient/discovery_cache/documents/dfareporting.v4.json
@@ -14,8 +14,8 @@
       }
     }
   },
-  "basePath": "",
-  "baseUrl": "https://dfareporting.googleapis.com/",
+  "basePath": "/dfareporting/v4/",
+  "baseUrl": "https://dfareporting.googleapis.com/dfareporting/v4/",
   "batchPath": "batch",
   "canonicalName": "Dfareporting",
   "description": "Build applications to efficiently manage large or complex trafficking, reporting, and attribution workflows for Campaign Manager 360.",
@@ -115,7 +115,7 @@
       "methods": {
         "get": {
           "description": "Gets the account's active ad summary by account ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
+          "flatPath": "userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
           "httpMethod": "GET",
           "id": "dfareporting.accountActiveAdSummaries.get",
           "parameterOrder": [
@@ -138,7 +138,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
+          "path": "userprofiles/{profileId}/accountActiveAdSummaries/{summaryAccountId}",
           "response": {
             "$ref": "AccountActiveAdSummary"
           },
@@ -152,7 +152,7 @@
       "methods": {
         "get": {
           "description": "Gets one account permission group by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountPermissionGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/accountPermissionGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissionGroups.get",
           "parameterOrder": [
@@ -175,7 +175,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountPermissionGroups/{id}",
+          "path": "userprofiles/{profileId}/accountPermissionGroups/{id}",
           "response": {
             "$ref": "AccountPermissionGroup"
           },
@@ -185,7 +185,7 @@
         },
         "list": {
           "description": "Retrieves the list of account permission groups.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountPermissionGroups",
+          "flatPath": "userprofiles/{profileId}/accountPermissionGroups",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissionGroups.list",
           "parameterOrder": [
@@ -200,7 +200,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountPermissionGroups",
+          "path": "userprofiles/{profileId}/accountPermissionGroups",
           "response": {
             "$ref": "AccountPermissionGroupsListResponse"
           },
@@ -214,7 +214,7 @@
       "methods": {
         "get": {
           "description": "Gets one account permission by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountPermissions/{id}",
+          "flatPath": "userprofiles/{profileId}/accountPermissions/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissions.get",
           "parameterOrder": [
@@ -237,7 +237,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountPermissions/{id}",
+          "path": "userprofiles/{profileId}/accountPermissions/{id}",
           "response": {
             "$ref": "AccountPermission"
           },
@@ -247,7 +247,7 @@
         },
         "list": {
           "description": "Retrieves the list of account permissions.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountPermissions",
+          "flatPath": "userprofiles/{profileId}/accountPermissions",
           "httpMethod": "GET",
           "id": "dfareporting.accountPermissions.list",
           "parameterOrder": [
@@ -262,7 +262,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountPermissions",
+          "path": "userprofiles/{profileId}/accountPermissions",
           "response": {
             "$ref": "AccountPermissionsListResponse"
           },
@@ -276,7 +276,7 @@
       "methods": {
         "get": {
           "description": "Gets one account user profile by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles/{id}",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accountUserProfiles.get",
           "parameterOrder": [
@@ -299,7 +299,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles/{id}",
+          "path": "userprofiles/{profileId}/accountUserProfiles/{id}",
           "response": {
             "$ref": "AccountUserProfile"
           },
@@ -309,7 +309,7 @@
         },
         "insert": {
           "description": "Inserts a new account user profile.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "POST",
           "id": "dfareporting.accountUserProfiles.insert",
           "parameterOrder": [
@@ -324,7 +324,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "request": {
             "$ref": "AccountUserProfile"
           },
@@ -337,7 +337,7 @@
         },
         "list": {
           "description": "Retrieves a list of account user profiles, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "GET",
           "id": "dfareporting.accountUserProfiles.list",
           "parameterOrder": [
@@ -423,7 +423,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "response": {
             "$ref": "AccountUserProfilesListResponse"
           },
@@ -433,7 +433,7 @@
         },
         "patch": {
           "description": "Updates an existing account user profile. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "PATCH",
           "id": "dfareporting.accountUserProfiles.patch",
           "parameterOrder": [
@@ -456,7 +456,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "request": {
             "$ref": "AccountUserProfile"
           },
@@ -469,7 +469,7 @@
         },
         "update": {
           "description": "Updates an existing account user profile.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "flatPath": "userprofiles/{profileId}/accountUserProfiles",
           "httpMethod": "PUT",
           "id": "dfareporting.accountUserProfiles.update",
           "parameterOrder": [
@@ -484,7 +484,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accountUserProfiles",
+          "path": "userprofiles/{profileId}/accountUserProfiles",
           "request": {
             "$ref": "AccountUserProfile"
           },
@@ -501,7 +501,7 @@
       "methods": {
         "get": {
           "description": "Gets one account by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accounts/{id}",
+          "flatPath": "userprofiles/{profileId}/accounts/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.accounts.get",
           "parameterOrder": [
@@ -524,7 +524,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accounts/{id}",
+          "path": "userprofiles/{profileId}/accounts/{id}",
           "response": {
             "$ref": "Account"
           },
@@ -534,7 +534,7 @@
         },
         "list": {
           "description": "Retrieves the list of accounts, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accounts",
+          "flatPath": "userprofiles/{profileId}/accounts",
           "httpMethod": "GET",
           "id": "dfareporting.accounts.list",
           "parameterOrder": [
@@ -608,7 +608,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accounts",
+          "path": "userprofiles/{profileId}/accounts",
           "response": {
             "$ref": "AccountsListResponse"
           },
@@ -618,7 +618,7 @@
         },
         "patch": {
           "description": "Updates an existing account. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accounts",
+          "flatPath": "userprofiles/{profileId}/accounts",
           "httpMethod": "PATCH",
           "id": "dfareporting.accounts.patch",
           "parameterOrder": [
@@ -641,7 +641,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accounts",
+          "path": "userprofiles/{profileId}/accounts",
           "request": {
             "$ref": "Account"
           },
@@ -654,7 +654,7 @@
         },
         "update": {
           "description": "Updates an existing account.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/accounts",
+          "flatPath": "userprofiles/{profileId}/accounts",
           "httpMethod": "PUT",
           "id": "dfareporting.accounts.update",
           "parameterOrder": [
@@ -669,7 +669,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/accounts",
+          "path": "userprofiles/{profileId}/accounts",
           "request": {
             "$ref": "Account"
           },
@@ -686,7 +686,7 @@
       "methods": {
         "get": {
           "description": "Gets one ad by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/ads/{id}",
+          "flatPath": "userprofiles/{profileId}/ads/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.ads.get",
           "parameterOrder": [
@@ -709,7 +709,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/ads/{id}",
+          "path": "userprofiles/{profileId}/ads/{id}",
           "response": {
             "$ref": "Ad"
           },
@@ -719,7 +719,7 @@
         },
         "insert": {
           "description": "Inserts a new ad.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "POST",
           "id": "dfareporting.ads.insert",
           "parameterOrder": [
@@ -734,7 +734,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "request": {
             "$ref": "Ad"
           },
@@ -747,7 +747,7 @@
         },
         "list": {
           "description": "Retrieves a list of ads, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "GET",
           "id": "dfareporting.ads.list",
           "parameterOrder": [
@@ -950,7 +950,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "response": {
             "$ref": "AdsListResponse"
           },
@@ -960,7 +960,7 @@
         },
         "patch": {
           "description": "Updates an existing ad. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "PATCH",
           "id": "dfareporting.ads.patch",
           "parameterOrder": [
@@ -983,7 +983,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "request": {
             "$ref": "Ad"
           },
@@ -996,7 +996,7 @@
         },
         "update": {
           "description": "Updates an existing ad.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "flatPath": "userprofiles/{profileId}/ads",
           "httpMethod": "PUT",
           "id": "dfareporting.ads.update",
           "parameterOrder": [
@@ -1011,7 +1011,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/ads",
+          "path": "userprofiles/{profileId}/ads",
           "request": {
             "$ref": "Ad"
           },
@@ -1028,7 +1028,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing advertiser group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.advertiserGroups.delete",
           "parameterOrder": [
@@ -1051,14 +1051,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups/{id}",
+          "path": "userprofiles/{profileId}/advertiserGroups/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one advertiser group by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserGroups.get",
           "parameterOrder": [
@@ -1081,7 +1081,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups/{id}",
+          "path": "userprofiles/{profileId}/advertiserGroups/{id}",
           "response": {
             "$ref": "AdvertiserGroup"
           },
@@ -1091,7 +1091,7 @@
         },
         "insert": {
           "description": "Inserts a new advertiser group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "POST",
           "id": "dfareporting.advertiserGroups.insert",
           "parameterOrder": [
@@ -1106,7 +1106,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "request": {
             "$ref": "AdvertiserGroup"
           },
@@ -1119,7 +1119,7 @@
         },
         "list": {
           "description": "Retrieves a list of advertiser groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserGroups.list",
           "parameterOrder": [
@@ -1188,7 +1188,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "response": {
             "$ref": "AdvertiserGroupsListResponse"
           },
@@ -1198,7 +1198,7 @@
         },
         "patch": {
           "description": "Updates an existing advertiser group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.advertiserGroups.patch",
           "parameterOrder": [
@@ -1221,7 +1221,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "request": {
             "$ref": "AdvertiserGroup"
           },
@@ -1234,7 +1234,7 @@
         },
         "update": {
           "description": "Updates an existing advertiser group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "flatPath": "userprofiles/{profileId}/advertiserGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.advertiserGroups.update",
           "parameterOrder": [
@@ -1249,7 +1249,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserGroups",
+          "path": "userprofiles/{profileId}/advertiserGroups",
           "request": {
             "$ref": "AdvertiserGroup"
           },
@@ -1266,7 +1266,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of invoices for a particular issue month. The api only works if the billing profile invoice level is set to either advertiser or campaign non-consolidated invoice level.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertisers/{advertiserId}/invoices",
+          "flatPath": "userprofiles/{profileId}/advertisers/{advertiserId}/invoices",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserInvoices.list",
           "parameterOrder": [
@@ -1308,7 +1308,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertisers/{advertiserId}/invoices",
+          "path": "userprofiles/{profileId}/advertisers/{advertiserId}/invoices",
           "response": {
             "$ref": "AdvertiserInvoicesListResponse"
           },
@@ -1322,7 +1322,7 @@
       "methods": {
         "get": {
           "description": "Gets one landing page by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages/{id}",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserLandingPages.get",
           "parameterOrder": [
@@ -1345,7 +1345,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages/{id}",
+          "path": "userprofiles/{profileId}/advertiserLandingPages/{id}",
           "response": {
             "$ref": "LandingPage"
           },
@@ -1355,7 +1355,7 @@
         },
         "insert": {
           "description": "Inserts a new landing page.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "POST",
           "id": "dfareporting.advertiserLandingPages.insert",
           "parameterOrder": [
@@ -1370,7 +1370,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "request": {
             "$ref": "LandingPage"
           },
@@ -1383,7 +1383,7 @@
         },
         "list": {
           "description": "Retrieves a list of landing pages.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "GET",
           "id": "dfareporting.advertiserLandingPages.list",
           "parameterOrder": [
@@ -1477,7 +1477,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "response": {
             "$ref": "AdvertiserLandingPagesListResponse"
           },
@@ -1487,7 +1487,7 @@
         },
         "patch": {
           "description": "Updates an existing advertiser landing page. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "PATCH",
           "id": "dfareporting.advertiserLandingPages.patch",
           "parameterOrder": [
@@ -1510,7 +1510,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "request": {
             "$ref": "LandingPage"
           },
@@ -1523,7 +1523,7 @@
         },
         "update": {
           "description": "Updates an existing landing page.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "flatPath": "userprofiles/{profileId}/advertiserLandingPages",
           "httpMethod": "PUT",
           "id": "dfareporting.advertiserLandingPages.update",
           "parameterOrder": [
@@ -1538,7 +1538,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertiserLandingPages",
+          "path": "userprofiles/{profileId}/advertiserLandingPages",
           "request": {
             "$ref": "LandingPage"
           },
@@ -1555,7 +1555,7 @@
       "methods": {
         "get": {
           "description": "Gets one advertiser by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertisers/{id}",
+          "flatPath": "userprofiles/{profileId}/advertisers/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.advertisers.get",
           "parameterOrder": [
@@ -1578,7 +1578,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertisers/{id}",
+          "path": "userprofiles/{profileId}/advertisers/{id}",
           "response": {
             "$ref": "Advertiser"
           },
@@ -1588,7 +1588,7 @@
         },
         "insert": {
           "description": "Inserts a new advertiser.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "POST",
           "id": "dfareporting.advertisers.insert",
           "parameterOrder": [
@@ -1603,7 +1603,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "request": {
             "$ref": "Advertiser"
           },
@@ -1616,7 +1616,7 @@
         },
         "list": {
           "description": "Retrieves a list of advertisers, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "GET",
           "id": "dfareporting.advertisers.list",
           "parameterOrder": [
@@ -1728,7 +1728,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "response": {
             "$ref": "AdvertisersListResponse"
           },
@@ -1738,7 +1738,7 @@
         },
         "patch": {
           "description": "Updates an existing advertiser. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "PATCH",
           "id": "dfareporting.advertisers.patch",
           "parameterOrder": [
@@ -1761,7 +1761,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "request": {
             "$ref": "Advertiser"
           },
@@ -1774,7 +1774,7 @@
         },
         "update": {
           "description": "Updates an existing advertiser.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "flatPath": "userprofiles/{profileId}/advertisers",
           "httpMethod": "PUT",
           "id": "dfareporting.advertisers.update",
           "parameterOrder": [
@@ -1789,7 +1789,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/advertisers",
+          "path": "userprofiles/{profileId}/advertisers",
           "request": {
             "$ref": "Advertiser"
           },
@@ -1806,7 +1806,7 @@
       "methods": {
         "insert": {
           "description": "Inserts a new billing assignment and returns the new assignment. Only one of advertiser_id or campaign_id is support per request. If the new assignment has no effect (assigning a campaign to the parent advertiser billing profile or assigning an advertiser to the account billing profile), no assignment will be returned.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
+          "flatPath": "userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
           "httpMethod": "POST",
           "id": "dfareporting.billingAssignments.insert",
           "parameterOrder": [
@@ -1829,7 +1829,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
+          "path": "userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
           "request": {
             "$ref": "BillingAssignment"
           },
@@ -1842,7 +1842,7 @@
         },
         "list": {
           "description": "Retrieves a list of billing assignments.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
+          "flatPath": "userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
           "httpMethod": "GET",
           "id": "dfareporting.billingAssignments.list",
           "parameterOrder": [
@@ -1865,7 +1865,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
+          "path": "userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingAssignments",
           "response": {
             "$ref": "BillingAssignmentsListResponse"
           },
@@ -1879,7 +1879,7 @@
       "methods": {
         "get": {
           "description": "Gets one billing profile by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{id}",
+          "flatPath": "userprofiles/{profileId}/billingProfiles/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.billingProfiles.get",
           "parameterOrder": [
@@ -1902,7 +1902,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{id}",
+          "path": "userprofiles/{profileId}/billingProfiles/{id}",
           "response": {
             "$ref": "BillingProfile"
           },
@@ -1912,7 +1912,7 @@
         },
         "list": {
           "description": "Retrieves a list of billing profiles, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/billingProfiles",
+          "flatPath": "userprofiles/{profileId}/billingProfiles",
           "httpMethod": "GET",
           "id": "dfareporting.billingProfiles.list",
           "parameterOrder": [
@@ -2014,7 +2014,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/billingProfiles",
+          "path": "userprofiles/{profileId}/billingProfiles",
           "response": {
             "$ref": "BillingProfilesListResponse"
           },
@@ -2024,7 +2024,7 @@
         },
         "update": {
           "description": "Updates an existing billing profile.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/billingProfiles",
+          "flatPath": "userprofiles/{profileId}/billingProfiles",
           "httpMethod": "PUT",
           "id": "dfareporting.billingProfiles.update",
           "parameterOrder": [
@@ -2039,7 +2039,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/billingProfiles",
+          "path": "userprofiles/{profileId}/billingProfiles",
           "request": {
             "$ref": "BillingProfile"
           },
@@ -2056,7 +2056,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of billing rates. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingRates",
+          "flatPath": "userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingRates",
           "httpMethod": "GET",
           "id": "dfareporting.billingRates.list",
           "parameterOrder": [
@@ -2079,7 +2079,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingRates",
+          "path": "userprofiles/{profileId}/billingProfiles/{billingProfileId}/billingRates",
           "response": {
             "$ref": "BillingRatesListResponse"
           },
@@ -2093,7 +2093,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of browsers.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/browsers",
+          "flatPath": "userprofiles/{profileId}/browsers",
           "httpMethod": "GET",
           "id": "dfareporting.browsers.list",
           "parameterOrder": [
@@ -2108,7 +2108,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/browsers",
+          "path": "userprofiles/{profileId}/browsers",
           "response": {
             "$ref": "BrowsersListResponse"
           },
@@ -2122,7 +2122,7 @@
       "methods": {
         "insert": {
           "description": "Associates a creative with the specified campaign. This method creates a default ad with dimensions matching the creative in the campaign if such a default ad does not exist already.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "flatPath": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "httpMethod": "POST",
           "id": "dfareporting.campaignCreativeAssociations.insert",
           "parameterOrder": [
@@ -2145,7 +2145,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "path": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "request": {
             "$ref": "CampaignCreativeAssociation"
           },
@@ -2158,7 +2158,7 @@
         },
         "list": {
           "description": "Retrieves the list of creative IDs associated with the specified campaign. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "flatPath": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "httpMethod": "GET",
           "id": "dfareporting.campaignCreativeAssociations.list",
           "parameterOrder": [
@@ -2209,7 +2209,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
+          "path": "userprofiles/{profileId}/campaigns/{campaignId}/campaignCreativeAssociations",
           "response": {
             "$ref": "CampaignCreativeAssociationsListResponse"
           },
@@ -2223,7 +2223,7 @@
       "methods": {
         "get": {
           "description": "Gets one campaign by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/campaigns/{id}",
+          "flatPath": "userprofiles/{profileId}/campaigns/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.campaigns.get",
           "parameterOrder": [
@@ -2246,7 +2246,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/campaigns/{id}",
+          "path": "userprofiles/{profileId}/campaigns/{id}",
           "response": {
             "$ref": "Campaign"
           },
@@ -2256,7 +2256,7 @@
         },
         "insert": {
           "description": "Inserts a new campaign.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "POST",
           "id": "dfareporting.campaigns.insert",
           "parameterOrder": [
@@ -2271,7 +2271,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "request": {
             "$ref": "Campaign"
           },
@@ -2284,7 +2284,7 @@
         },
         "list": {
           "description": "Retrieves a list of campaigns, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "GET",
           "id": "dfareporting.campaigns.list",
           "parameterOrder": [
@@ -2396,7 +2396,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "response": {
             "$ref": "CampaignsListResponse"
           },
@@ -2406,7 +2406,7 @@
         },
         "patch": {
           "description": "Updates an existing campaign. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "PATCH",
           "id": "dfareporting.campaigns.patch",
           "parameterOrder": [
@@ -2429,7 +2429,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "request": {
             "$ref": "Campaign"
           },
@@ -2442,7 +2442,7 @@
         },
         "update": {
           "description": "Updates an existing campaign.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "flatPath": "userprofiles/{profileId}/campaigns",
           "httpMethod": "PUT",
           "id": "dfareporting.campaigns.update",
           "parameterOrder": [
@@ -2457,7 +2457,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/campaigns",
+          "path": "userprofiles/{profileId}/campaigns",
           "request": {
             "$ref": "Campaign"
           },
@@ -2474,7 +2474,7 @@
       "methods": {
         "get": {
           "description": "Gets one change log by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/changeLogs/{id}",
+          "flatPath": "userprofiles/{profileId}/changeLogs/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.changeLogs.get",
           "parameterOrder": [
@@ -2497,7 +2497,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/changeLogs/{id}",
+          "path": "userprofiles/{profileId}/changeLogs/{id}",
           "response": {
             "$ref": "ChangeLog"
           },
@@ -2507,7 +2507,7 @@
         },
         "list": {
           "description": "Retrieves a list of change logs. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/changeLogs",
+          "flatPath": "userprofiles/{profileId}/changeLogs",
           "httpMethod": "GET",
           "id": "dfareporting.changeLogs.list",
           "parameterOrder": [
@@ -2706,7 +2706,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/changeLogs",
+          "path": "userprofiles/{profileId}/changeLogs",
           "response": {
             "$ref": "ChangeLogsListResponse"
           },
@@ -2720,7 +2720,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of cities, possibly filtered.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/cities",
+          "flatPath": "userprofiles/{profileId}/cities",
           "httpMethod": "GET",
           "id": "dfareporting.cities.list",
           "parameterOrder": [
@@ -2761,7 +2761,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/cities",
+          "path": "userprofiles/{profileId}/cities",
           "response": {
             "$ref": "CitiesListResponse"
           },
@@ -2775,7 +2775,7 @@
       "methods": {
         "get": {
           "description": "Gets one connection type by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/connectionTypes/{id}",
+          "flatPath": "userprofiles/{profileId}/connectionTypes/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.connectionTypes.get",
           "parameterOrder": [
@@ -2798,7 +2798,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/connectionTypes/{id}",
+          "path": "userprofiles/{profileId}/connectionTypes/{id}",
           "response": {
             "$ref": "ConnectionType"
           },
@@ -2808,7 +2808,7 @@
         },
         "list": {
           "description": "Retrieves a list of connection types.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/connectionTypes",
+          "flatPath": "userprofiles/{profileId}/connectionTypes",
           "httpMethod": "GET",
           "id": "dfareporting.connectionTypes.list",
           "parameterOrder": [
@@ -2823,7 +2823,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/connectionTypes",
+          "path": "userprofiles/{profileId}/connectionTypes",
           "response": {
             "$ref": "ConnectionTypesListResponse"
           },
@@ -2837,7 +2837,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing content category.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/contentCategories/{id}",
+          "flatPath": "userprofiles/{profileId}/contentCategories/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.contentCategories.delete",
           "parameterOrder": [
@@ -2860,14 +2860,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/contentCategories/{id}",
+          "path": "userprofiles/{profileId}/contentCategories/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one content category by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/contentCategories/{id}",
+          "flatPath": "userprofiles/{profileId}/contentCategories/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.contentCategories.get",
           "parameterOrder": [
@@ -2890,7 +2890,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/contentCategories/{id}",
+          "path": "userprofiles/{profileId}/contentCategories/{id}",
           "response": {
             "$ref": "ContentCategory"
           },
@@ -2900,7 +2900,7 @@
         },
         "insert": {
           "description": "Inserts a new content category.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "POST",
           "id": "dfareporting.contentCategories.insert",
           "parameterOrder": [
@@ -2915,7 +2915,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "request": {
             "$ref": "ContentCategory"
           },
@@ -2928,7 +2928,7 @@
         },
         "list": {
           "description": "Retrieves a list of content categories, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "GET",
           "id": "dfareporting.contentCategories.list",
           "parameterOrder": [
@@ -2997,7 +2997,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "response": {
             "$ref": "ContentCategoriesListResponse"
           },
@@ -3007,7 +3007,7 @@
         },
         "patch": {
           "description": "Updates an existing content category. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "PATCH",
           "id": "dfareporting.contentCategories.patch",
           "parameterOrder": [
@@ -3030,7 +3030,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "request": {
             "$ref": "ContentCategory"
           },
@@ -3043,7 +3043,7 @@
         },
         "update": {
           "description": "Updates an existing content category.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "flatPath": "userprofiles/{profileId}/contentCategories",
           "httpMethod": "PUT",
           "id": "dfareporting.contentCategories.update",
           "parameterOrder": [
@@ -3058,7 +3058,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/contentCategories",
+          "path": "userprofiles/{profileId}/contentCategories",
           "request": {
             "$ref": "ContentCategory"
           },
@@ -3075,7 +3075,7 @@
       "methods": {
         "batchinsert": {
           "description": "Inserts conversions.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/conversions/batchinsert",
+          "flatPath": "userprofiles/{profileId}/conversions/batchinsert",
           "httpMethod": "POST",
           "id": "dfareporting.conversions.batchinsert",
           "parameterOrder": [
@@ -3090,7 +3090,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/conversions/batchinsert",
+          "path": "userprofiles/{profileId}/conversions/batchinsert",
           "request": {
             "$ref": "ConversionsBatchInsertRequest"
           },
@@ -3103,7 +3103,7 @@
         },
         "batchupdate": {
           "description": "Updates existing conversions.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/conversions/batchupdate",
+          "flatPath": "userprofiles/{profileId}/conversions/batchupdate",
           "httpMethod": "POST",
           "id": "dfareporting.conversions.batchupdate",
           "parameterOrder": [
@@ -3118,7 +3118,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/conversions/batchupdate",
+          "path": "userprofiles/{profileId}/conversions/batchupdate",
           "request": {
             "$ref": "ConversionsBatchUpdateRequest"
           },
@@ -3135,7 +3135,7 @@
       "methods": {
         "get": {
           "description": "Gets one country by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/countries/{dartId}",
+          "flatPath": "userprofiles/{profileId}/countries/{dartId}",
           "httpMethod": "GET",
           "id": "dfareporting.countries.get",
           "parameterOrder": [
@@ -3158,7 +3158,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/countries/{dartId}",
+          "path": "userprofiles/{profileId}/countries/{dartId}",
           "response": {
             "$ref": "Country"
           },
@@ -3168,7 +3168,7 @@
         },
         "list": {
           "description": "Retrieves a list of countries.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/countries",
+          "flatPath": "userprofiles/{profileId}/countries",
           "httpMethod": "GET",
           "id": "dfareporting.countries.list",
           "parameterOrder": [
@@ -3183,7 +3183,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/countries",
+          "path": "userprofiles/{profileId}/countries",
           "response": {
             "$ref": "CountriesListResponse"
           },
@@ -3197,7 +3197,7 @@
       "methods": {
         "insert": {
           "description": "Inserts a new creative asset.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
+          "flatPath": "userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
           "httpMethod": "POST",
           "id": "dfareporting.creativeAssets.insert",
           "mediaUpload": {
@@ -3232,7 +3232,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
+          "path": "userprofiles/{profileId}/creativeAssets/{advertiserId}/creativeAssets",
           "request": {
             "$ref": "CreativeAssetMetadata"
           },
@@ -3250,7 +3250,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing creative field value.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.creativeFieldValues.delete",
           "parameterOrder": [
@@ -3281,14 +3281,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one creative field value by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFieldValues.get",
           "parameterOrder": [
@@ -3319,7 +3319,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues/{id}",
           "response": {
             "$ref": "CreativeFieldValue"
           },
@@ -3329,7 +3329,7 @@
         },
         "insert": {
           "description": "Inserts a new creative field value.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "POST",
           "id": "dfareporting.creativeFieldValues.insert",
           "parameterOrder": [
@@ -3352,7 +3352,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "request": {
             "$ref": "CreativeFieldValue"
           },
@@ -3365,7 +3365,7 @@
         },
         "list": {
           "description": "Retrieves a list of creative field values, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFieldValues.list",
           "parameterOrder": [
@@ -3442,7 +3442,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "response": {
             "$ref": "CreativeFieldValuesListResponse"
           },
@@ -3452,7 +3452,7 @@
         },
         "patch": {
           "description": "Updates an existing creative field value. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "PATCH",
           "id": "dfareporting.creativeFieldValues.patch",
           "parameterOrder": [
@@ -3483,7 +3483,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "request": {
             "$ref": "CreativeFieldValue"
           },
@@ -3496,7 +3496,7 @@
         },
         "update": {
           "description": "Updates an existing creative field value.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "httpMethod": "PUT",
           "id": "dfareporting.creativeFieldValues.update",
           "parameterOrder": [
@@ -3519,7 +3519,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
+          "path": "userprofiles/{profileId}/creativeFields/{creativeFieldId}/creativeFieldValues",
           "request": {
             "$ref": "CreativeFieldValue"
           },
@@ -3536,7 +3536,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing creative field.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.creativeFields.delete",
           "parameterOrder": [
@@ -3559,14 +3559,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one creative field by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeFields/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFields.get",
           "parameterOrder": [
@@ -3589,7 +3589,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields/{id}",
+          "path": "userprofiles/{profileId}/creativeFields/{id}",
           "response": {
             "$ref": "CreativeField"
           },
@@ -3599,7 +3599,7 @@
         },
         "insert": {
           "description": "Inserts a new creative field.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "POST",
           "id": "dfareporting.creativeFields.insert",
           "parameterOrder": [
@@ -3614,7 +3614,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "request": {
             "$ref": "CreativeField"
           },
@@ -3627,7 +3627,7 @@
         },
         "list": {
           "description": "Retrieves a list of creative fields, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "GET",
           "id": "dfareporting.creativeFields.list",
           "parameterOrder": [
@@ -3703,7 +3703,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "response": {
             "$ref": "CreativeFieldsListResponse"
           },
@@ -3713,7 +3713,7 @@
         },
         "patch": {
           "description": "Updates an existing creative field. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "PATCH",
           "id": "dfareporting.creativeFields.patch",
           "parameterOrder": [
@@ -3736,7 +3736,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "request": {
             "$ref": "CreativeField"
           },
@@ -3749,7 +3749,7 @@
         },
         "update": {
           "description": "Updates an existing creative field.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "flatPath": "userprofiles/{profileId}/creativeFields",
           "httpMethod": "PUT",
           "id": "dfareporting.creativeFields.update",
           "parameterOrder": [
@@ -3764,7 +3764,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeFields",
+          "path": "userprofiles/{profileId}/creativeFields",
           "request": {
             "$ref": "CreativeField"
           },
@@ -3781,7 +3781,7 @@
       "methods": {
         "get": {
           "description": "Gets one creative group by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/creativeGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creativeGroups.get",
           "parameterOrder": [
@@ -3804,7 +3804,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeGroups/{id}",
+          "path": "userprofiles/{profileId}/creativeGroups/{id}",
           "response": {
             "$ref": "CreativeGroup"
           },
@@ -3814,7 +3814,7 @@
         },
         "insert": {
           "description": "Inserts a new creative group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "POST",
           "id": "dfareporting.creativeGroups.insert",
           "parameterOrder": [
@@ -3829,7 +3829,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "request": {
             "$ref": "CreativeGroup"
           },
@@ -3842,7 +3842,7 @@
         },
         "list": {
           "description": "Retrieves a list of creative groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "GET",
           "id": "dfareporting.creativeGroups.list",
           "parameterOrder": [
@@ -3926,7 +3926,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "response": {
             "$ref": "CreativeGroupsListResponse"
           },
@@ -3936,7 +3936,7 @@
         },
         "patch": {
           "description": "Updates an existing creative group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.creativeGroups.patch",
           "parameterOrder": [
@@ -3959,7 +3959,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "request": {
             "$ref": "CreativeGroup"
           },
@@ -3972,7 +3972,7 @@
         },
         "update": {
           "description": "Updates an existing creative group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "flatPath": "userprofiles/{profileId}/creativeGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.creativeGroups.update",
           "parameterOrder": [
@@ -3987,7 +3987,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creativeGroups",
+          "path": "userprofiles/{profileId}/creativeGroups",
           "request": {
             "$ref": "CreativeGroup"
           },
@@ -4004,7 +4004,7 @@
       "methods": {
         "get": {
           "description": "Gets one creative by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creatives/{id}",
+          "flatPath": "userprofiles/{profileId}/creatives/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.creatives.get",
           "parameterOrder": [
@@ -4027,7 +4027,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creatives/{id}",
+          "path": "userprofiles/{profileId}/creatives/{id}",
           "response": {
             "$ref": "Creative"
           },
@@ -4037,7 +4037,7 @@
         },
         "insert": {
           "description": "Inserts a new creative.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "POST",
           "id": "dfareporting.creatives.insert",
           "parameterOrder": [
@@ -4052,7 +4052,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "request": {
             "$ref": "Creative"
           },
@@ -4065,7 +4065,7 @@
         },
         "list": {
           "description": "Retrieves a list of creatives, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "GET",
           "id": "dfareporting.creatives.list",
           "parameterOrder": [
@@ -4250,7 +4250,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "response": {
             "$ref": "CreativesListResponse"
           },
@@ -4260,7 +4260,7 @@
         },
         "patch": {
           "description": "Updates an existing creative. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "PATCH",
           "id": "dfareporting.creatives.patch",
           "parameterOrder": [
@@ -4283,7 +4283,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "request": {
             "$ref": "Creative"
           },
@@ -4296,7 +4296,7 @@
         },
         "update": {
           "description": "Updates an existing creative.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "flatPath": "userprofiles/{profileId}/creatives",
           "httpMethod": "PUT",
           "id": "dfareporting.creatives.update",
           "parameterOrder": [
@@ -4311,7 +4311,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/creatives",
+          "path": "userprofiles/{profileId}/creatives",
           "request": {
             "$ref": "Creative"
           },
@@ -4328,7 +4328,7 @@
       "methods": {
         "query": {
           "description": "Retrieves list of report dimension values for a list of filters.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/dimensionvalues/query",
+          "flatPath": "userprofiles/{profileId}/dimensionvalues/query",
           "httpMethod": "POST",
           "id": "dfareporting.dimensionValues.query",
           "parameterOrder": [
@@ -4357,7 +4357,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/dimensionvalues/query",
+          "path": "userprofiles/{profileId}/dimensionvalues/query",
           "request": {
             "$ref": "DimensionValueRequest"
           },
@@ -4374,7 +4374,7 @@
       "methods": {
         "get": {
           "description": "Gets one directory site by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/directorySites/{id}",
+          "flatPath": "userprofiles/{profileId}/directorySites/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.directorySites.get",
           "parameterOrder": [
@@ -4397,7 +4397,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/directorySites/{id}",
+          "path": "userprofiles/{profileId}/directorySites/{id}",
           "response": {
             "$ref": "DirectorySite"
           },
@@ -4407,7 +4407,7 @@
         },
         "insert": {
           "description": "Inserts a new directory site.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/directorySites",
+          "flatPath": "userprofiles/{profileId}/directorySites",
           "httpMethod": "POST",
           "id": "dfareporting.directorySites.insert",
           "parameterOrder": [
@@ -4422,7 +4422,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/directorySites",
+          "path": "userprofiles/{profileId}/directorySites",
           "request": {
             "$ref": "DirectorySite"
           },
@@ -4435,7 +4435,7 @@
         },
         "list": {
           "description": "Retrieves a list of directory sites, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/directorySites",
+          "flatPath": "userprofiles/{profileId}/directorySites",
           "httpMethod": "GET",
           "id": "dfareporting.directorySites.list",
           "parameterOrder": [
@@ -4529,7 +4529,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/directorySites",
+          "path": "userprofiles/{profileId}/directorySites",
           "response": {
             "$ref": "DirectorySitesListResponse"
           },
@@ -4543,7 +4543,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing dynamic targeting key.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
+          "flatPath": "userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
           "httpMethod": "DELETE",
           "id": "dfareporting.dynamicTargetingKeys.delete",
           "parameterOrder": [
@@ -4592,14 +4592,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
+          "path": "userprofiles/{profileId}/dynamicTargetingKeys/{objectId}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "insert": {
           "description": "Inserts a new dynamic targeting key. Keys must be created at the advertiser level before being assigned to the advertiser's ads, creatives, or placements. There is a maximum of 1000 keys per advertiser, out of which a maximum of 20 keys can be assigned per ad, creative, or placement.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/dynamicTargetingKeys",
+          "flatPath": "userprofiles/{profileId}/dynamicTargetingKeys",
           "httpMethod": "POST",
           "id": "dfareporting.dynamicTargetingKeys.insert",
           "parameterOrder": [
@@ -4614,7 +4614,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/dynamicTargetingKeys",
+          "path": "userprofiles/{profileId}/dynamicTargetingKeys",
           "request": {
             "$ref": "DynamicTargetingKey"
           },
@@ -4627,7 +4627,7 @@
         },
         "list": {
           "description": "Retrieves a list of dynamic targeting keys.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/dynamicTargetingKeys",
+          "flatPath": "userprofiles/{profileId}/dynamicTargetingKeys",
           "httpMethod": "GET",
           "id": "dfareporting.dynamicTargetingKeys.list",
           "parameterOrder": [
@@ -4677,7 +4677,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/dynamicTargetingKeys",
+          "path": "userprofiles/{profileId}/dynamicTargetingKeys",
           "response": {
             "$ref": "DynamicTargetingKeysListResponse"
           },
@@ -4691,7 +4691,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing event tag.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/eventTags/{id}",
+          "flatPath": "userprofiles/{profileId}/eventTags/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.eventTags.delete",
           "parameterOrder": [
@@ -4714,14 +4714,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/eventTags/{id}",
+          "path": "userprofiles/{profileId}/eventTags/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one event tag by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/eventTags/{id}",
+          "flatPath": "userprofiles/{profileId}/eventTags/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.eventTags.get",
           "parameterOrder": [
@@ -4744,7 +4744,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/eventTags/{id}",
+          "path": "userprofiles/{profileId}/eventTags/{id}",
           "response": {
             "$ref": "EventTag"
           },
@@ -4754,7 +4754,7 @@
         },
         "insert": {
           "description": "Inserts a new event tag.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "POST",
           "id": "dfareporting.eventTags.insert",
           "parameterOrder": [
@@ -4769,7 +4769,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "request": {
             "$ref": "EventTag"
           },
@@ -4782,7 +4782,7 @@
         },
         "list": {
           "description": "Retrieves a list of event tags, possibly filtered.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "GET",
           "id": "dfareporting.eventTags.list",
           "parameterOrder": [
@@ -4881,7 +4881,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "response": {
             "$ref": "EventTagsListResponse"
           },
@@ -4891,7 +4891,7 @@
         },
         "patch": {
           "description": "Updates an existing event tag. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "PATCH",
           "id": "dfareporting.eventTags.patch",
           "parameterOrder": [
@@ -4914,7 +4914,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "request": {
             "$ref": "EventTag"
           },
@@ -4927,7 +4927,7 @@
         },
         "update": {
           "description": "Updates an existing event tag.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "flatPath": "userprofiles/{profileId}/eventTags",
           "httpMethod": "PUT",
           "id": "dfareporting.eventTags.update",
           "parameterOrder": [
@@ -4942,7 +4942,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/eventTags",
+          "path": "userprofiles/{profileId}/eventTags",
           "request": {
             "$ref": "EventTag"
           },
@@ -4959,7 +4959,7 @@
       "methods": {
         "get": {
           "description": "Retrieves a report file by its report ID and file ID. This method supports media download.",
-          "flatPath": "dfareporting/v4/reports/{reportId}/files/{fileId}",
+          "flatPath": "reports/{reportId}/files/{fileId}",
           "httpMethod": "GET",
           "id": "dfareporting.files.get",
           "parameterOrder": [
@@ -4982,7 +4982,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/reports/{reportId}/files/{fileId}",
+          "path": "reports/{reportId}/files/{fileId}",
           "response": {
             "$ref": "File"
           },
@@ -4993,7 +4993,7 @@
         },
         "list": {
           "description": "Lists files for a user profile.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/files",
+          "flatPath": "userprofiles/{profileId}/files",
           "httpMethod": "GET",
           "id": "dfareporting.files.list",
           "parameterOrder": [
@@ -5066,7 +5066,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/files",
+          "path": "userprofiles/{profileId}/files",
           "response": {
             "$ref": "FileList"
           },
@@ -5080,7 +5080,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing floodlight activity.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.floodlightActivities.delete",
           "parameterOrder": [
@@ -5103,14 +5103,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities/{id}",
+          "path": "userprofiles/{profileId}/floodlightActivities/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "generatetag": {
           "description": "Generates a tag for a floodlight activity.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities/generatetag",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities/generatetag",
           "httpMethod": "POST",
           "id": "dfareporting.floodlightActivities.generatetag",
           "parameterOrder": [
@@ -5131,7 +5131,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities/generatetag",
+          "path": "userprofiles/{profileId}/floodlightActivities/generatetag",
           "response": {
             "$ref": "FloodlightActivitiesGenerateTagResponse"
           },
@@ -5141,7 +5141,7 @@
         },
         "get": {
           "description": "Gets one floodlight activity by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivities.get",
           "parameterOrder": [
@@ -5164,7 +5164,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities/{id}",
+          "path": "userprofiles/{profileId}/floodlightActivities/{id}",
           "response": {
             "$ref": "FloodlightActivity"
           },
@@ -5174,7 +5174,7 @@
         },
         "insert": {
           "description": "Inserts a new floodlight activity.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "POST",
           "id": "dfareporting.floodlightActivities.insert",
           "parameterOrder": [
@@ -5189,7 +5189,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "request": {
             "$ref": "FloodlightActivity"
           },
@@ -5202,7 +5202,7 @@
         },
         "list": {
           "description": "Retrieves a list of floodlight activities, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivities.list",
           "parameterOrder": [
@@ -5318,7 +5318,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "response": {
             "$ref": "FloodlightActivitiesListResponse"
           },
@@ -5328,7 +5328,7 @@
         },
         "patch": {
           "description": "Updates an existing floodlight activity. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "PATCH",
           "id": "dfareporting.floodlightActivities.patch",
           "parameterOrder": [
@@ -5351,7 +5351,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "request": {
             "$ref": "FloodlightActivity"
           },
@@ -5364,7 +5364,7 @@
         },
         "update": {
           "description": "Updates an existing floodlight activity.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "flatPath": "userprofiles/{profileId}/floodlightActivities",
           "httpMethod": "PUT",
           "id": "dfareporting.floodlightActivities.update",
           "parameterOrder": [
@@ -5379,7 +5379,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivities",
+          "path": "userprofiles/{profileId}/floodlightActivities",
           "request": {
             "$ref": "FloodlightActivity"
           },
@@ -5396,7 +5396,7 @@
       "methods": {
         "get": {
           "description": "Gets one floodlight activity group by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivityGroups.get",
           "parameterOrder": [
@@ -5419,7 +5419,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups/{id}",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups/{id}",
           "response": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5429,7 +5429,7 @@
         },
         "insert": {
           "description": "Inserts a new floodlight activity group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "POST",
           "id": "dfareporting.floodlightActivityGroups.insert",
           "parameterOrder": [
@@ -5444,7 +5444,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "request": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5457,7 +5457,7 @@
         },
         "list": {
           "description": "Retrieves a list of floodlight activity groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightActivityGroups.list",
           "parameterOrder": [
@@ -5551,7 +5551,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "response": {
             "$ref": "FloodlightActivityGroupsListResponse"
           },
@@ -5561,7 +5561,7 @@
         },
         "patch": {
           "description": "Updates an existing floodlight activity group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.floodlightActivityGroups.patch",
           "parameterOrder": [
@@ -5584,7 +5584,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "request": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5597,7 +5597,7 @@
         },
         "update": {
           "description": "Updates an existing floodlight activity group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "flatPath": "userprofiles/{profileId}/floodlightActivityGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.floodlightActivityGroups.update",
           "parameterOrder": [
@@ -5612,7 +5612,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightActivityGroups",
+          "path": "userprofiles/{profileId}/floodlightActivityGroups",
           "request": {
             "$ref": "FloodlightActivityGroup"
           },
@@ -5629,7 +5629,7 @@
       "methods": {
         "get": {
           "description": "Gets one floodlight configuration by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations/{id}",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightConfigurations.get",
           "parameterOrder": [
@@ -5652,7 +5652,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations/{id}",
+          "path": "userprofiles/{profileId}/floodlightConfigurations/{id}",
           "response": {
             "$ref": "FloodlightConfiguration"
           },
@@ -5662,7 +5662,7 @@
         },
         "list": {
           "description": "Retrieves a list of floodlight configurations, possibly filtered.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations",
           "httpMethod": "GET",
           "id": "dfareporting.floodlightConfigurations.list",
           "parameterOrder": [
@@ -5684,7 +5684,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations",
+          "path": "userprofiles/{profileId}/floodlightConfigurations",
           "response": {
             "$ref": "FloodlightConfigurationsListResponse"
           },
@@ -5694,7 +5694,7 @@
         },
         "patch": {
           "description": "Updates an existing floodlight configuration. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations",
           "httpMethod": "PATCH",
           "id": "dfareporting.floodlightConfigurations.patch",
           "parameterOrder": [
@@ -5717,7 +5717,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations",
+          "path": "userprofiles/{profileId}/floodlightConfigurations",
           "request": {
             "$ref": "FloodlightConfiguration"
           },
@@ -5730,7 +5730,7 @@
         },
         "update": {
           "description": "Updates an existing floodlight configuration.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations",
+          "flatPath": "userprofiles/{profileId}/floodlightConfigurations",
           "httpMethod": "PUT",
           "id": "dfareporting.floodlightConfigurations.update",
           "parameterOrder": [
@@ -5745,7 +5745,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/floodlightConfigurations",
+          "path": "userprofiles/{profileId}/floodlightConfigurations",
           "request": {
             "$ref": "FloodlightConfiguration"
           },
@@ -5762,7 +5762,7 @@
       "methods": {
         "get": {
           "description": "Gets one inventory item by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.inventoryItems.get",
           "parameterOrder": [
@@ -5793,7 +5793,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
+          "path": "userprofiles/{profileId}/projects/{projectId}/inventoryItems/{id}",
           "response": {
             "$ref": "InventoryItem"
           },
@@ -5803,7 +5803,7 @@
         },
         "list": {
           "description": "Retrieves a list of inventory items, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/inventoryItems",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/inventoryItems",
           "httpMethod": "GET",
           "id": "dfareporting.inventoryItems.list",
           "parameterOrder": [
@@ -5907,7 +5907,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/inventoryItems",
+          "path": "userprofiles/{profileId}/projects/{projectId}/inventoryItems",
           "response": {
             "$ref": "InventoryItemsListResponse"
           },
@@ -5921,7 +5921,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of languages.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/languages",
+          "flatPath": "userprofiles/{profileId}/languages",
           "httpMethod": "GET",
           "id": "dfareporting.languages.list",
           "parameterOrder": [
@@ -5936,7 +5936,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/languages",
+          "path": "userprofiles/{profileId}/languages",
           "response": {
             "$ref": "LanguagesListResponse"
           },
@@ -5950,7 +5950,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of metros.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/metros",
+          "flatPath": "userprofiles/{profileId}/metros",
           "httpMethod": "GET",
           "id": "dfareporting.metros.list",
           "parameterOrder": [
@@ -5965,7 +5965,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/metros",
+          "path": "userprofiles/{profileId}/metros",
           "response": {
             "$ref": "MetrosListResponse"
           },
@@ -5979,7 +5979,7 @@
       "methods": {
         "get": {
           "description": "Gets one mobile app by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/mobileApps/{id}",
+          "flatPath": "userprofiles/{profileId}/mobileApps/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.mobileApps.get",
           "parameterOrder": [
@@ -6001,7 +6001,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/mobileApps/{id}",
+          "path": "userprofiles/{profileId}/mobileApps/{id}",
           "response": {
             "$ref": "MobileApp"
           },
@@ -6011,7 +6011,7 @@
         },
         "list": {
           "description": "Retrieves list of available mobile apps.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/mobileApps",
+          "flatPath": "userprofiles/{profileId}/mobileApps",
           "httpMethod": "GET",
           "id": "dfareporting.mobileApps.list",
           "parameterOrder": [
@@ -6083,7 +6083,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/mobileApps",
+          "path": "userprofiles/{profileId}/mobileApps",
           "response": {
             "$ref": "MobileAppsListResponse"
           },
@@ -6097,7 +6097,7 @@
       "methods": {
         "get": {
           "description": "Gets one mobile carrier by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/mobileCarriers/{id}",
+          "flatPath": "userprofiles/{profileId}/mobileCarriers/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.mobileCarriers.get",
           "parameterOrder": [
@@ -6120,7 +6120,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/mobileCarriers/{id}",
+          "path": "userprofiles/{profileId}/mobileCarriers/{id}",
           "response": {
             "$ref": "MobileCarrier"
           },
@@ -6130,7 +6130,7 @@
         },
         "list": {
           "description": "Retrieves a list of mobile carriers.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/mobileCarriers",
+          "flatPath": "userprofiles/{profileId}/mobileCarriers",
           "httpMethod": "GET",
           "id": "dfareporting.mobileCarriers.list",
           "parameterOrder": [
@@ -6145,7 +6145,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/mobileCarriers",
+          "path": "userprofiles/{profileId}/mobileCarriers",
           "response": {
             "$ref": "MobileCarriersListResponse"
           },
@@ -6159,7 +6159,7 @@
       "methods": {
         "get": {
           "description": "Gets one operating system version by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/operatingSystemVersions/{id}",
+          "flatPath": "userprofiles/{profileId}/operatingSystemVersions/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystemVersions.get",
           "parameterOrder": [
@@ -6182,7 +6182,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/operatingSystemVersions/{id}",
+          "path": "userprofiles/{profileId}/operatingSystemVersions/{id}",
           "response": {
             "$ref": "OperatingSystemVersion"
           },
@@ -6192,7 +6192,7 @@
         },
         "list": {
           "description": "Retrieves a list of operating system versions.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/operatingSystemVersions",
+          "flatPath": "userprofiles/{profileId}/operatingSystemVersions",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystemVersions.list",
           "parameterOrder": [
@@ -6207,7 +6207,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/operatingSystemVersions",
+          "path": "userprofiles/{profileId}/operatingSystemVersions",
           "response": {
             "$ref": "OperatingSystemVersionsListResponse"
           },
@@ -6221,7 +6221,7 @@
       "methods": {
         "get": {
           "description": "Gets one operating system by DART ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/operatingSystems/{dartId}",
+          "flatPath": "userprofiles/{profileId}/operatingSystems/{dartId}",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystems.get",
           "parameterOrder": [
@@ -6244,7 +6244,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/operatingSystems/{dartId}",
+          "path": "userprofiles/{profileId}/operatingSystems/{dartId}",
           "response": {
             "$ref": "OperatingSystem"
           },
@@ -6254,7 +6254,7 @@
         },
         "list": {
           "description": "Retrieves a list of operating systems.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/operatingSystems",
+          "flatPath": "userprofiles/{profileId}/operatingSystems",
           "httpMethod": "GET",
           "id": "dfareporting.operatingSystems.list",
           "parameterOrder": [
@@ -6269,7 +6269,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/operatingSystems",
+          "path": "userprofiles/{profileId}/operatingSystems",
           "response": {
             "$ref": "OperatingSystemsListResponse"
           },
@@ -6283,7 +6283,7 @@
       "methods": {
         "get": {
           "description": "Gets one order document by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.orderDocuments.get",
           "parameterOrder": [
@@ -6314,7 +6314,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orderDocuments/{id}",
           "response": {
             "$ref": "OrderDocument"
           },
@@ -6324,7 +6324,7 @@
         },
         "list": {
           "description": "Retrieves a list of order documents, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orderDocuments",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orderDocuments",
           "httpMethod": "GET",
           "id": "dfareporting.orderDocuments.list",
           "parameterOrder": [
@@ -6420,7 +6420,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orderDocuments",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orderDocuments",
           "response": {
             "$ref": "OrderDocumentsListResponse"
           },
@@ -6434,7 +6434,7 @@
       "methods": {
         "get": {
           "description": "Gets one order by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orders/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orders/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.orders.get",
           "parameterOrder": [
@@ -6465,7 +6465,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orders/{id}",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orders/{id}",
           "response": {
             "$ref": "Order"
           },
@@ -6475,7 +6475,7 @@
         },
         "list": {
           "description": "Retrieves a list of orders, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orders",
+          "flatPath": "userprofiles/{profileId}/projects/{projectId}/orders",
           "httpMethod": "GET",
           "id": "dfareporting.orders.list",
           "parameterOrder": [
@@ -6559,7 +6559,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects/{projectId}/orders",
+          "path": "userprofiles/{profileId}/projects/{projectId}/orders",
           "response": {
             "$ref": "OrdersListResponse"
           },
@@ -6573,7 +6573,7 @@
       "methods": {
         "get": {
           "description": "Gets one placement group by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/placementGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.placementGroups.get",
           "parameterOrder": [
@@ -6596,7 +6596,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementGroups/{id}",
+          "path": "userprofiles/{profileId}/placementGroups/{id}",
           "response": {
             "$ref": "PlacementGroup"
           },
@@ -6606,7 +6606,7 @@
         },
         "insert": {
           "description": "Inserts a new placement group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "POST",
           "id": "dfareporting.placementGroups.insert",
           "parameterOrder": [
@@ -6621,7 +6621,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "request": {
             "$ref": "PlacementGroup"
           },
@@ -6634,7 +6634,7 @@
         },
         "list": {
           "description": "Retrieves a list of placement groups, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "GET",
           "id": "dfareporting.placementGroups.list",
           "parameterOrder": [
@@ -6820,7 +6820,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "response": {
             "$ref": "PlacementGroupsListResponse"
           },
@@ -6830,7 +6830,7 @@
         },
         "patch": {
           "description": "Updates an existing placement group. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "PATCH",
           "id": "dfareporting.placementGroups.patch",
           "parameterOrder": [
@@ -6853,7 +6853,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "request": {
             "$ref": "PlacementGroup"
           },
@@ -6866,7 +6866,7 @@
         },
         "update": {
           "description": "Updates an existing placement group.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "flatPath": "userprofiles/{profileId}/placementGroups",
           "httpMethod": "PUT",
           "id": "dfareporting.placementGroups.update",
           "parameterOrder": [
@@ -6881,7 +6881,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementGroups",
+          "path": "userprofiles/{profileId}/placementGroups",
           "request": {
             "$ref": "PlacementGroup"
           },
@@ -6898,7 +6898,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing placement strategy.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementStrategies/{id}",
+          "flatPath": "userprofiles/{profileId}/placementStrategies/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.placementStrategies.delete",
           "parameterOrder": [
@@ -6921,14 +6921,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementStrategies/{id}",
+          "path": "userprofiles/{profileId}/placementStrategies/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one placement strategy by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementStrategies/{id}",
+          "flatPath": "userprofiles/{profileId}/placementStrategies/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.placementStrategies.get",
           "parameterOrder": [
@@ -6951,7 +6951,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementStrategies/{id}",
+          "path": "userprofiles/{profileId}/placementStrategies/{id}",
           "response": {
             "$ref": "PlacementStrategy"
           },
@@ -6961,7 +6961,7 @@
         },
         "insert": {
           "description": "Inserts a new placement strategy.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "POST",
           "id": "dfareporting.placementStrategies.insert",
           "parameterOrder": [
@@ -6976,7 +6976,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "request": {
             "$ref": "PlacementStrategy"
           },
@@ -6989,7 +6989,7 @@
         },
         "list": {
           "description": "Retrieves a list of placement strategies, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "GET",
           "id": "dfareporting.placementStrategies.list",
           "parameterOrder": [
@@ -7058,7 +7058,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "response": {
             "$ref": "PlacementStrategiesListResponse"
           },
@@ -7068,7 +7068,7 @@
         },
         "patch": {
           "description": "Updates an existing placement strategy. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "PATCH",
           "id": "dfareporting.placementStrategies.patch",
           "parameterOrder": [
@@ -7091,7 +7091,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "request": {
             "$ref": "PlacementStrategy"
           },
@@ -7104,7 +7104,7 @@
         },
         "update": {
           "description": "Updates an existing placement strategy.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "flatPath": "userprofiles/{profileId}/placementStrategies",
           "httpMethod": "PUT",
           "id": "dfareporting.placementStrategies.update",
           "parameterOrder": [
@@ -7119,7 +7119,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placementStrategies",
+          "path": "userprofiles/{profileId}/placementStrategies",
           "request": {
             "$ref": "PlacementStrategy"
           },
@@ -7136,7 +7136,7 @@
       "methods": {
         "generatetags": {
           "description": "Generates tags for a placement.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placements/generatetags",
+          "flatPath": "userprofiles/{profileId}/placements/generatetags",
           "httpMethod": "POST",
           "id": "dfareporting.placements.generatetags",
           "parameterOrder": [
@@ -7214,7 +7214,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placements/generatetags",
+          "path": "userprofiles/{profileId}/placements/generatetags",
           "response": {
             "$ref": "PlacementsGenerateTagsResponse"
           },
@@ -7224,7 +7224,7 @@
         },
         "get": {
           "description": "Gets one placement by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placements/{id}",
+          "flatPath": "userprofiles/{profileId}/placements/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.placements.get",
           "parameterOrder": [
@@ -7247,7 +7247,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placements/{id}",
+          "path": "userprofiles/{profileId}/placements/{id}",
           "response": {
             "$ref": "Placement"
           },
@@ -7257,7 +7257,7 @@
         },
         "insert": {
           "description": "Inserts a new placement.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "POST",
           "id": "dfareporting.placements.insert",
           "parameterOrder": [
@@ -7272,7 +7272,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "request": {
             "$ref": "Placement"
           },
@@ -7285,7 +7285,7 @@
         },
         "list": {
           "description": "Retrieves a list of placements, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "GET",
           "id": "dfareporting.placements.list",
           "parameterOrder": [
@@ -7507,7 +7507,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "response": {
             "$ref": "PlacementsListResponse"
           },
@@ -7517,7 +7517,7 @@
         },
         "patch": {
           "description": "Updates an existing placement. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "PATCH",
           "id": "dfareporting.placements.patch",
           "parameterOrder": [
@@ -7540,7 +7540,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "request": {
             "$ref": "Placement"
           },
@@ -7553,7 +7553,7 @@
         },
         "update": {
           "description": "Updates an existing placement.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "flatPath": "userprofiles/{profileId}/placements",
           "httpMethod": "PUT",
           "id": "dfareporting.placements.update",
           "parameterOrder": [
@@ -7568,7 +7568,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/placements",
+          "path": "userprofiles/{profileId}/placements",
           "request": {
             "$ref": "Placement"
           },
@@ -7585,7 +7585,7 @@
       "methods": {
         "get": {
           "description": "Gets one platform type by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/platformTypes/{id}",
+          "flatPath": "userprofiles/{profileId}/platformTypes/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.platformTypes.get",
           "parameterOrder": [
@@ -7608,7 +7608,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/platformTypes/{id}",
+          "path": "userprofiles/{profileId}/platformTypes/{id}",
           "response": {
             "$ref": "PlatformType"
           },
@@ -7618,7 +7618,7 @@
         },
         "list": {
           "description": "Retrieves a list of platform types.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/platformTypes",
+          "flatPath": "userprofiles/{profileId}/platformTypes",
           "httpMethod": "GET",
           "id": "dfareporting.platformTypes.list",
           "parameterOrder": [
@@ -7633,7 +7633,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/platformTypes",
+          "path": "userprofiles/{profileId}/platformTypes",
           "response": {
             "$ref": "PlatformTypesListResponse"
           },
@@ -7647,7 +7647,7 @@
       "methods": {
         "get": {
           "description": "Gets one postal code by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/postalCodes/{code}",
+          "flatPath": "userprofiles/{profileId}/postalCodes/{code}",
           "httpMethod": "GET",
           "id": "dfareporting.postalCodes.get",
           "parameterOrder": [
@@ -7669,7 +7669,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/postalCodes/{code}",
+          "path": "userprofiles/{profileId}/postalCodes/{code}",
           "response": {
             "$ref": "PostalCode"
           },
@@ -7679,7 +7679,7 @@
         },
         "list": {
           "description": "Retrieves a list of postal codes.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/postalCodes",
+          "flatPath": "userprofiles/{profileId}/postalCodes",
           "httpMethod": "GET",
           "id": "dfareporting.postalCodes.list",
           "parameterOrder": [
@@ -7694,7 +7694,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/postalCodes",
+          "path": "userprofiles/{profileId}/postalCodes",
           "response": {
             "$ref": "PostalCodesListResponse"
           },
@@ -7708,7 +7708,7 @@
       "methods": {
         "get": {
           "description": "Gets one project by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects/{id}",
+          "flatPath": "userprofiles/{profileId}/projects/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.projects.get",
           "parameterOrder": [
@@ -7731,7 +7731,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects/{id}",
+          "path": "userprofiles/{profileId}/projects/{id}",
           "response": {
             "$ref": "Project"
           },
@@ -7741,7 +7741,7 @@
         },
         "list": {
           "description": "Retrieves a list of projects, possibly filtered. This method supports paging .",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/projects",
+          "flatPath": "userprofiles/{profileId}/projects",
           "httpMethod": "GET",
           "id": "dfareporting.projects.list",
           "parameterOrder": [
@@ -7817,7 +7817,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/projects",
+          "path": "userprofiles/{profileId}/projects",
           "response": {
             "$ref": "ProjectsListResponse"
           },
@@ -7831,7 +7831,7 @@
       "methods": {
         "list": {
           "description": "Retrieves a list of regions.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/regions",
+          "flatPath": "userprofiles/{profileId}/regions",
           "httpMethod": "GET",
           "id": "dfareporting.regions.list",
           "parameterOrder": [
@@ -7846,7 +7846,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/regions",
+          "path": "userprofiles/{profileId}/regions",
           "response": {
             "$ref": "RegionsListResponse"
           },
@@ -7860,7 +7860,7 @@
       "methods": {
         "get": {
           "description": "Gets one remarketing list share by remarketing list ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
+          "flatPath": "userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
           "httpMethod": "GET",
           "id": "dfareporting.remarketingListShares.get",
           "parameterOrder": [
@@ -7883,7 +7883,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
+          "path": "userprofiles/{profileId}/remarketingListShares/{remarketingListId}",
           "response": {
             "$ref": "RemarketingListShare"
           },
@@ -7893,7 +7893,7 @@
         },
         "patch": {
           "description": "Updates an existing remarketing list share. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingListShares",
+          "flatPath": "userprofiles/{profileId}/remarketingListShares",
           "httpMethod": "PATCH",
           "id": "dfareporting.remarketingListShares.patch",
           "parameterOrder": [
@@ -7916,7 +7916,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingListShares",
+          "path": "userprofiles/{profileId}/remarketingListShares",
           "request": {
             "$ref": "RemarketingListShare"
           },
@@ -7929,7 +7929,7 @@
         },
         "update": {
           "description": "Updates an existing remarketing list share.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingListShares",
+          "flatPath": "userprofiles/{profileId}/remarketingListShares",
           "httpMethod": "PUT",
           "id": "dfareporting.remarketingListShares.update",
           "parameterOrder": [
@@ -7944,7 +7944,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingListShares",
+          "path": "userprofiles/{profileId}/remarketingListShares",
           "request": {
             "$ref": "RemarketingListShare"
           },
@@ -7961,7 +7961,7 @@
       "methods": {
         "get": {
           "description": "Gets one remarketing list by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingLists/{id}",
+          "flatPath": "userprofiles/{profileId}/remarketingLists/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.remarketingLists.get",
           "parameterOrder": [
@@ -7984,7 +7984,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingLists/{id}",
+          "path": "userprofiles/{profileId}/remarketingLists/{id}",
           "response": {
             "$ref": "RemarketingList"
           },
@@ -7994,7 +7994,7 @@
         },
         "insert": {
           "description": "Inserts a new remarketing list.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "POST",
           "id": "dfareporting.remarketingLists.insert",
           "parameterOrder": [
@@ -8009,7 +8009,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "request": {
             "$ref": "RemarketingList"
           },
@@ -8022,7 +8022,7 @@
         },
         "list": {
           "description": "Retrieves a list of remarketing lists, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "GET",
           "id": "dfareporting.remarketingLists.list",
           "parameterOrder": [
@@ -8103,7 +8103,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "response": {
             "$ref": "RemarketingListsListResponse"
           },
@@ -8113,7 +8113,7 @@
         },
         "patch": {
           "description": "Updates an existing remarketing list. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "PATCH",
           "id": "dfareporting.remarketingLists.patch",
           "parameterOrder": [
@@ -8136,7 +8136,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "request": {
             "$ref": "RemarketingList"
           },
@@ -8149,7 +8149,7 @@
         },
         "update": {
           "description": "Updates an existing remarketing list.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "flatPath": "userprofiles/{profileId}/remarketingLists",
           "httpMethod": "PUT",
           "id": "dfareporting.remarketingLists.update",
           "parameterOrder": [
@@ -8164,7 +8164,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/remarketingLists",
+          "path": "userprofiles/{profileId}/remarketingLists",
           "request": {
             "$ref": "RemarketingList"
           },
@@ -8181,7 +8181,7 @@
       "methods": {
         "delete": {
           "description": "Deletes a report by its ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "DELETE",
           "id": "dfareporting.reports.delete",
           "parameterOrder": [
@@ -8204,14 +8204,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "scopes": [
             "https://www.googleapis.com/auth/dfareporting"
           ]
         },
         "get": {
           "description": "Retrieves a report by its ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "GET",
           "id": "dfareporting.reports.get",
           "parameterOrder": [
@@ -8234,7 +8234,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "response": {
             "$ref": "Report"
           },
@@ -8244,7 +8244,7 @@
         },
         "insert": {
           "description": "Creates a report.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports",
+          "flatPath": "userprofiles/{profileId}/reports",
           "httpMethod": "POST",
           "id": "dfareporting.reports.insert",
           "parameterOrder": [
@@ -8259,7 +8259,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/reports",
+          "path": "userprofiles/{profileId}/reports",
           "request": {
             "$ref": "Report"
           },
@@ -8272,7 +8272,7 @@
         },
         "list": {
           "description": "Retrieves list of reports.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports",
+          "flatPath": "userprofiles/{profileId}/reports",
           "httpMethod": "GET",
           "id": "dfareporting.reports.list",
           "parameterOrder": [
@@ -8345,7 +8345,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/reports",
+          "path": "userprofiles/{profileId}/reports",
           "response": {
             "$ref": "ReportList"
           },
@@ -8355,7 +8355,7 @@
         },
         "patch": {
           "description": "Updates an existing report. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "PATCH",
           "id": "dfareporting.reports.patch",
           "parameterOrder": [
@@ -8378,7 +8378,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "request": {
             "$ref": "Report"
           },
@@ -8391,7 +8391,7 @@
         },
         "run": {
           "description": "Runs a report.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}/run",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}/run",
           "httpMethod": "POST",
           "id": "dfareporting.reports.run",
           "parameterOrder": [
@@ -8420,7 +8420,7 @@
               "type": "boolean"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}/run",
+          "path": "userprofiles/{profileId}/reports/{reportId}/run",
           "response": {
             "$ref": "File"
           },
@@ -8430,7 +8430,7 @@
         },
         "update": {
           "description": "Updates a report.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "flatPath": "userprofiles/{profileId}/reports/{reportId}",
           "httpMethod": "PUT",
           "id": "dfareporting.reports.update",
           "parameterOrder": [
@@ -8453,7 +8453,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}",
+          "path": "userprofiles/{profileId}/reports/{reportId}",
           "request": {
             "$ref": "Report"
           },
@@ -8470,7 +8470,7 @@
           "methods": {
             "query": {
               "description": "Returns the fields that are compatible to be selected in the respective sections of a report criteria, given the fields already selected in the input report and user permissions.",
-              "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/compatiblefields/query",
+              "flatPath": "userprofiles/{profileId}/reports/compatiblefields/query",
               "httpMethod": "POST",
               "id": "dfareporting.reports.compatibleFields.query",
               "parameterOrder": [
@@ -8485,7 +8485,7 @@
                   "type": "string"
                 }
               },
-              "path": "dfareporting/v4/userprofiles/{profileId}/reports/compatiblefields/query",
+              "path": "userprofiles/{profileId}/reports/compatiblefields/query",
               "request": {
                 "$ref": "Report"
               },
@@ -8502,7 +8502,7 @@
           "methods": {
             "get": {
               "description": "Retrieves a report file by its report ID and file ID. This method supports media download.",
-              "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
+              "flatPath": "userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
               "httpMethod": "GET",
               "id": "dfareporting.reports.files.get",
               "parameterOrder": [
@@ -8533,7 +8533,7 @@
                   "type": "string"
                 }
               },
-              "path": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
+              "path": "userprofiles/{profileId}/reports/{reportId}/files/{fileId}",
               "response": {
                 "$ref": "File"
               },
@@ -8544,7 +8544,7 @@
             },
             "list": {
               "description": "Lists files for a report.",
-              "flatPath": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}/files",
+              "flatPath": "userprofiles/{profileId}/reports/{reportId}/files",
               "httpMethod": "GET",
               "id": "dfareporting.reports.files.list",
               "parameterOrder": [
@@ -8609,7 +8609,7 @@
                   "type": "string"
                 }
               },
-              "path": "dfareporting/v4/userprofiles/{profileId}/reports/{reportId}/files",
+              "path": "userprofiles/{profileId}/reports/{reportId}/files",
               "response": {
                 "$ref": "FileList"
               },
@@ -8625,7 +8625,7 @@
       "methods": {
         "get": {
           "description": "Gets one site by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sites/{id}",
+          "flatPath": "userprofiles/{profileId}/sites/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.sites.get",
           "parameterOrder": [
@@ -8648,7 +8648,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sites/{id}",
+          "path": "userprofiles/{profileId}/sites/{id}",
           "response": {
             "$ref": "Site"
           },
@@ -8658,7 +8658,7 @@
         },
         "insert": {
           "description": "Inserts a new site.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "POST",
           "id": "dfareporting.sites.insert",
           "parameterOrder": [
@@ -8673,7 +8673,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "request": {
             "$ref": "Site"
           },
@@ -8686,7 +8686,7 @@
         },
         "list": {
           "description": "Retrieves a list of sites, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "GET",
           "id": "dfareporting.sites.list",
           "parameterOrder": [
@@ -8805,7 +8805,7 @@
               "type": "boolean"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "response": {
             "$ref": "SitesListResponse"
           },
@@ -8815,7 +8815,7 @@
         },
         "patch": {
           "description": "Updates an existing site. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "PATCH",
           "id": "dfareporting.sites.patch",
           "parameterOrder": [
@@ -8838,7 +8838,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "request": {
             "$ref": "Site"
           },
@@ -8851,7 +8851,7 @@
         },
         "update": {
           "description": "Updates an existing site.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "flatPath": "userprofiles/{profileId}/sites",
           "httpMethod": "PUT",
           "id": "dfareporting.sites.update",
           "parameterOrder": [
@@ -8866,7 +8866,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sites",
+          "path": "userprofiles/{profileId}/sites",
           "request": {
             "$ref": "Site"
           },
@@ -8883,7 +8883,7 @@
       "methods": {
         "get": {
           "description": "Gets one size by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sizes/{id}",
+          "flatPath": "userprofiles/{profileId}/sizes/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.sizes.get",
           "parameterOrder": [
@@ -8906,7 +8906,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sizes/{id}",
+          "path": "userprofiles/{profileId}/sizes/{id}",
           "response": {
             "$ref": "Size"
           },
@@ -8916,7 +8916,7 @@
         },
         "insert": {
           "description": "Inserts a new size.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sizes",
+          "flatPath": "userprofiles/{profileId}/sizes",
           "httpMethod": "POST",
           "id": "dfareporting.sizes.insert",
           "parameterOrder": [
@@ -8931,7 +8931,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sizes",
+          "path": "userprofiles/{profileId}/sizes",
           "request": {
             "$ref": "Size"
           },
@@ -8944,7 +8944,7 @@
         },
         "list": {
           "description": "Retrieves a list of sizes, possibly filtered. Retrieved sizes are globally unique and may include values not currently in use by your account. Due to this, the list of sizes returned by this method may differ from the list seen in the Trafficking UI.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/sizes",
+          "flatPath": "userprofiles/{profileId}/sizes",
           "httpMethod": "GET",
           "id": "dfareporting.sizes.list",
           "parameterOrder": [
@@ -8987,7 +8987,7 @@
               "type": "integer"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/sizes",
+          "path": "userprofiles/{profileId}/sizes",
           "response": {
             "$ref": "SizesListResponse"
           },
@@ -9001,7 +9001,7 @@
       "methods": {
         "get": {
           "description": "Gets one subaccount by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/subaccounts/{id}",
+          "flatPath": "userprofiles/{profileId}/subaccounts/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.subaccounts.get",
           "parameterOrder": [
@@ -9024,7 +9024,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/subaccounts/{id}",
+          "path": "userprofiles/{profileId}/subaccounts/{id}",
           "response": {
             "$ref": "Subaccount"
           },
@@ -9034,7 +9034,7 @@
         },
         "insert": {
           "description": "Inserts a new subaccount.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "POST",
           "id": "dfareporting.subaccounts.insert",
           "parameterOrder": [
@@ -9049,7 +9049,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "request": {
             "$ref": "Subaccount"
           },
@@ -9062,7 +9062,7 @@
         },
         "list": {
           "description": "Gets a list of subaccounts, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "GET",
           "id": "dfareporting.subaccounts.list",
           "parameterOrder": [
@@ -9131,7 +9131,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "response": {
             "$ref": "SubaccountsListResponse"
           },
@@ -9141,7 +9141,7 @@
         },
         "patch": {
           "description": "Updates an existing subaccount. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "PATCH",
           "id": "dfareporting.subaccounts.patch",
           "parameterOrder": [
@@ -9164,7 +9164,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "request": {
             "$ref": "Subaccount"
           },
@@ -9177,7 +9177,7 @@
         },
         "update": {
           "description": "Updates an existing subaccount.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "flatPath": "userprofiles/{profileId}/subaccounts",
           "httpMethod": "PUT",
           "id": "dfareporting.subaccounts.update",
           "parameterOrder": [
@@ -9192,7 +9192,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/subaccounts",
+          "path": "userprofiles/{profileId}/subaccounts",
           "request": {
             "$ref": "Subaccount"
           },
@@ -9209,7 +9209,7 @@
       "methods": {
         "get": {
           "description": "Gets one remarketing list by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/targetableRemarketingLists/{id}",
+          "flatPath": "userprofiles/{profileId}/targetableRemarketingLists/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.targetableRemarketingLists.get",
           "parameterOrder": [
@@ -9232,7 +9232,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/targetableRemarketingLists/{id}",
+          "path": "userprofiles/{profileId}/targetableRemarketingLists/{id}",
           "response": {
             "$ref": "TargetableRemarketingList"
           },
@@ -9242,7 +9242,7 @@
         },
         "list": {
           "description": "Retrieves a list of targetable remarketing lists, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/targetableRemarketingLists",
+          "flatPath": "userprofiles/{profileId}/targetableRemarketingLists",
           "httpMethod": "GET",
           "id": "dfareporting.targetableRemarketingLists.list",
           "parameterOrder": [
@@ -9317,7 +9317,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/targetableRemarketingLists",
+          "path": "userprofiles/{profileId}/targetableRemarketingLists",
           "response": {
             "$ref": "TargetableRemarketingListsListResponse"
           },
@@ -9331,7 +9331,7 @@
       "methods": {
         "get": {
           "description": "Gets one targeting template by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates/{id}",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.targetingTemplates.get",
           "parameterOrder": [
@@ -9354,7 +9354,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates/{id}",
+          "path": "userprofiles/{profileId}/targetingTemplates/{id}",
           "response": {
             "$ref": "TargetingTemplate"
           },
@@ -9364,7 +9364,7 @@
         },
         "insert": {
           "description": "Inserts a new targeting template.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "POST",
           "id": "dfareporting.targetingTemplates.insert",
           "parameterOrder": [
@@ -9379,7 +9379,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "request": {
             "$ref": "TargetingTemplate"
           },
@@ -9392,7 +9392,7 @@
         },
         "list": {
           "description": "Retrieves a list of targeting templates, optionally filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "GET",
           "id": "dfareporting.targetingTemplates.list",
           "parameterOrder": [
@@ -9467,7 +9467,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "response": {
             "$ref": "TargetingTemplatesListResponse"
           },
@@ -9477,7 +9477,7 @@
         },
         "patch": {
           "description": "Updates an existing targeting template. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "PATCH",
           "id": "dfareporting.targetingTemplates.patch",
           "parameterOrder": [
@@ -9500,7 +9500,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "request": {
             "$ref": "TargetingTemplate"
           },
@@ -9513,7 +9513,7 @@
         },
         "update": {
           "description": "Updates an existing targeting template.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "flatPath": "userprofiles/{profileId}/targetingTemplates",
           "httpMethod": "PUT",
           "id": "dfareporting.targetingTemplates.update",
           "parameterOrder": [
@@ -9528,7 +9528,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/targetingTemplates",
+          "path": "userprofiles/{profileId}/targetingTemplates",
           "request": {
             "$ref": "TargetingTemplate"
           },
@@ -9545,7 +9545,7 @@
       "methods": {
         "get": {
           "description": "Gets one user profile by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}",
+          "flatPath": "userprofiles/{profileId}",
           "httpMethod": "GET",
           "id": "dfareporting.userProfiles.get",
           "parameterOrder": [
@@ -9560,7 +9560,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}",
+          "path": "userprofiles/{profileId}",
           "response": {
             "$ref": "UserProfile"
           },
@@ -9572,12 +9572,12 @@
         },
         "list": {
           "description": "Retrieves list of user profiles for a user.",
-          "flatPath": "dfareporting/v4/userprofiles",
+          "flatPath": "userprofiles",
           "httpMethod": "GET",
           "id": "dfareporting.userProfiles.list",
           "parameterOrder": [],
           "parameters": {},
-          "path": "dfareporting/v4/userprofiles",
+          "path": "userprofiles",
           "response": {
             "$ref": "UserProfileList"
           },
@@ -9593,7 +9593,7 @@
       "methods": {
         "get": {
           "description": "Gets one user role permission group by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRolePermissionGroups/{id}",
+          "flatPath": "userprofiles/{profileId}/userRolePermissionGroups/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissionGroups.get",
           "parameterOrder": [
@@ -9616,7 +9616,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRolePermissionGroups/{id}",
+          "path": "userprofiles/{profileId}/userRolePermissionGroups/{id}",
           "response": {
             "$ref": "UserRolePermissionGroup"
           },
@@ -9626,7 +9626,7 @@
         },
         "list": {
           "description": "Gets a list of all supported user role permission groups.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRolePermissionGroups",
+          "flatPath": "userprofiles/{profileId}/userRolePermissionGroups",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissionGroups.list",
           "parameterOrder": [
@@ -9641,7 +9641,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRolePermissionGroups",
+          "path": "userprofiles/{profileId}/userRolePermissionGroups",
           "response": {
             "$ref": "UserRolePermissionGroupsListResponse"
           },
@@ -9655,7 +9655,7 @@
       "methods": {
         "get": {
           "description": "Gets one user role permission by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRolePermissions/{id}",
+          "flatPath": "userprofiles/{profileId}/userRolePermissions/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissions.get",
           "parameterOrder": [
@@ -9678,7 +9678,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRolePermissions/{id}",
+          "path": "userprofiles/{profileId}/userRolePermissions/{id}",
           "response": {
             "$ref": "UserRolePermission"
           },
@@ -9688,7 +9688,7 @@
         },
         "list": {
           "description": "Gets a list of user role permissions, possibly filtered.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRolePermissions",
+          "flatPath": "userprofiles/{profileId}/userRolePermissions",
           "httpMethod": "GET",
           "id": "dfareporting.userRolePermissions.list",
           "parameterOrder": [
@@ -9710,7 +9710,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRolePermissions",
+          "path": "userprofiles/{profileId}/userRolePermissions",
           "response": {
             "$ref": "UserRolePermissionsListResponse"
           },
@@ -9724,7 +9724,7 @@
       "methods": {
         "delete": {
           "description": "Deletes an existing user role.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRoles/{id}",
+          "flatPath": "userprofiles/{profileId}/userRoles/{id}",
           "httpMethod": "DELETE",
           "id": "dfareporting.userRoles.delete",
           "parameterOrder": [
@@ -9747,14 +9747,14 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRoles/{id}",
+          "path": "userprofiles/{profileId}/userRoles/{id}",
           "scopes": [
             "https://www.googleapis.com/auth/dfatrafficking"
           ]
         },
         "get": {
           "description": "Gets one user role by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRoles/{id}",
+          "flatPath": "userprofiles/{profileId}/userRoles/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.userRoles.get",
           "parameterOrder": [
@@ -9777,7 +9777,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRoles/{id}",
+          "path": "userprofiles/{profileId}/userRoles/{id}",
           "response": {
             "$ref": "UserRole"
           },
@@ -9787,7 +9787,7 @@
         },
         "insert": {
           "description": "Inserts a new user role.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "POST",
           "id": "dfareporting.userRoles.insert",
           "parameterOrder": [
@@ -9802,7 +9802,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "request": {
             "$ref": "UserRole"
           },
@@ -9815,7 +9815,7 @@
         },
         "list": {
           "description": "Retrieves a list of user roles, possibly filtered. This method supports paging.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "GET",
           "id": "dfareporting.userRoles.list",
           "parameterOrder": [
@@ -9895,7 +9895,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "response": {
             "$ref": "UserRolesListResponse"
           },
@@ -9905,7 +9905,7 @@
         },
         "patch": {
           "description": "Updates an existing user role. This method supports patch semantics.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "PATCH",
           "id": "dfareporting.userRoles.patch",
           "parameterOrder": [
@@ -9928,7 +9928,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "request": {
             "$ref": "UserRole"
           },
@@ -9941,7 +9941,7 @@
         },
         "update": {
           "description": "Updates an existing user role.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "flatPath": "userprofiles/{profileId}/userRoles",
           "httpMethod": "PUT",
           "id": "dfareporting.userRoles.update",
           "parameterOrder": [
@@ -9956,7 +9956,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/userRoles",
+          "path": "userprofiles/{profileId}/userRoles",
           "request": {
             "$ref": "UserRole"
           },
@@ -9973,7 +9973,7 @@
       "methods": {
         "get": {
           "description": "Gets one video format by ID.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/videoFormats/{id}",
+          "flatPath": "userprofiles/{profileId}/videoFormats/{id}",
           "httpMethod": "GET",
           "id": "dfareporting.videoFormats.get",
           "parameterOrder": [
@@ -9996,7 +9996,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/videoFormats/{id}",
+          "path": "userprofiles/{profileId}/videoFormats/{id}",
           "response": {
             "$ref": "VideoFormat"
           },
@@ -10006,7 +10006,7 @@
         },
         "list": {
           "description": "Lists available video formats.",
-          "flatPath": "dfareporting/v4/userprofiles/{profileId}/videoFormats",
+          "flatPath": "userprofiles/{profileId}/videoFormats",
           "httpMethod": "GET",
           "id": "dfareporting.videoFormats.list",
           "parameterOrder": [
@@ -10021,7 +10021,7 @@
               "type": "string"
             }
           },
-          "path": "dfareporting/v4/userprofiles/{profileId}/videoFormats",
+          "path": "userprofiles/{profileId}/videoFormats",
           "response": {
             "$ref": "VideoFormatsListResponse"
           },
@@ -10032,7 +10032,7 @@
       }
     }
   },
-  "revision": "20220628",
+  "revision": "20220815",
   "rootUrl": "https://dfareporting.googleapis.com/",
   "schemas": {
     "Account": {
@@ -21472,7 +21472,7 @@
       "type": "object"
     }
   },
-  "servicePath": "",
+  "servicePath": "dfareporting/v4/",
   "title": "Campaign Manager 360 API",
   "version": "v4"
 }
\ No newline at end of file
diff --git a/googleapiclient/discovery_cache/documents/dialogflow.v2.json b/googleapiclient/discovery_cache/documents/dialogflow.v2.json
index d1b0e3c98dc..0fee3f59673 100644
--- a/googleapiclient/discovery_cache/documents/dialogflow.v2.json
+++ b/googleapiclient/discovery_cache/documents/dialogflow.v2.json
@@ -8077,7 +8077,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220817",
   "rootUrl": "https://dialogflow.googleapis.com/",
   "schemas": {
     "GoogleCloudDialogflowCxV3AudioInput": {
diff --git a/googleapiclient/discovery_cache/documents/dialogflow.v2beta1.json b/googleapiclient/discovery_cache/documents/dialogflow.v2beta1.json
index f3edf1e6566..ee4f2ca5be8 100644
--- a/googleapiclient/discovery_cache/documents/dialogflow.v2beta1.json
+++ b/googleapiclient/discovery_cache/documents/dialogflow.v2beta1.json
@@ -7441,7 +7441,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220817",
   "rootUrl": "https://dialogflow.googleapis.com/",
   "schemas": {
     "GoogleCloudDialogflowCxV3AudioInput": {
diff --git a/googleapiclient/discovery_cache/documents/dialogflow.v3.json b/googleapiclient/discovery_cache/documents/dialogflow.v3.json
index 1bef80e96f9..d70ed590b4b 100644
--- a/googleapiclient/discovery_cache/documents/dialogflow.v3.json
+++ b/googleapiclient/discovery_cache/documents/dialogflow.v3.json
@@ -3820,7 +3820,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220817",
   "rootUrl": "https://dialogflow.googleapis.com/",
   "schemas": {
     "GoogleCloudDialogflowCxV3AdvancedSettings": {
diff --git a/googleapiclient/discovery_cache/documents/dialogflow.v3beta1.json b/googleapiclient/discovery_cache/documents/dialogflow.v3beta1.json
index 27196d284d5..9e91bc416ce 100644
--- a/googleapiclient/discovery_cache/documents/dialogflow.v3beta1.json
+++ b/googleapiclient/discovery_cache/documents/dialogflow.v3beta1.json
@@ -3820,7 +3820,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220817",
   "rootUrl": "https://dialogflow.googleapis.com/",
   "schemas": {
     "GoogleCloudDialogflowCxV3AudioInput": {
diff --git a/googleapiclient/discovery_cache/documents/digitalassetlinks.v1.json b/googleapiclient/discovery_cache/documents/digitalassetlinks.v1.json
index d5818014470..b8d1e9c2c3b 100644
--- a/googleapiclient/discovery_cache/documents/digitalassetlinks.v1.json
+++ b/googleapiclient/discovery_cache/documents/digitalassetlinks.v1.json
@@ -199,7 +199,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220816",
   "rootUrl": "https://digitalassetlinks.googleapis.com/",
   "schemas": {
     "AndroidAppAsset": {
diff --git a/googleapiclient/discovery_cache/documents/displayvideo.v1.json b/googleapiclient/discovery_cache/documents/displayvideo.v1.json
index 9f558187b24..81a38b1b1bc 100644
--- a/googleapiclient/discovery_cache/documents/displayvideo.v1.json
+++ b/googleapiclient/discovery_cache/documents/displayvideo.v1.json
@@ -1706,7 +1706,7 @@
                   "type": "string"
                 },
                 "insertionOrderId": {
-                  "description": "The ID of the insertion order we need to delete.",
+                  "description": "The ID of the insertion order to delete.",
                   "format": "int64",
                   "location": "path",
                   "pattern": "^[^/]+$",
@@ -2405,7 +2405,7 @@
                   "type": "string"
                 },
                 "lineItemId": {
-                  "description": "The ID of the line item we need to fetch.",
+                  "description": "The ID of the line item to delete.",
                   "format": "int64",
                   "location": "path",
                   "pattern": "^[^/]+$",
@@ -4452,7 +4452,7 @@
                       "type": "string"
                     },
                     "targetingType": {
-                      "description": "Required. Identifies the type of this assigned targeting option. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION`",
+                      "description": "Required. Identifies the type of this assigned targeting option. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION` * `TARGETING_TYPE_YOUTUBE_VIDEO` * `TARGETING_TYPE_YOUTUBE_CHANNEL`",
                       "enum": [
                         "TARGETING_TYPE_UNSPECIFIED",
                         "TARGETING_TYPE_CHANNEL",
@@ -4603,7 +4603,7 @@
                       "type": "string"
                     },
                     "targetingType": {
-                      "description": "Required. Identifies the type of assigned targeting options to list. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION`",
+                      "description": "Required. Identifies the type of assigned targeting options to list. Supported targeting types: * `TARGETING_TYPE_CHANNEL` * `TARGETING_TYPE_DIGITAL_CONTENT_LABEL_EXCLUSION` * `TARGETING_TYPE_OMID` * `TARGETING_TYPE_SENSITIVE_CATEGORY_EXCLUSION` * `TARGETING_TYPE_YOUTUBE_VIDEO` * `TARGETING_TYPE_YOUTUBE_CHANNEL`",
                       "enum": [
                         "TARGETING_TYPE_UNSPECIFIED",
                         "TARGETING_TYPE_CHANNEL",
@@ -8146,7 +8146,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220818",
   "rootUrl": "https://displayvideo.googleapis.com/",
   "schemas": {
     "ActivateManualTriggerRequest": {
@@ -8497,7 +8497,17 @@
             "AGE_RANGE_45_54",
             "AGE_RANGE_55_64",
             "AGE_RANGE_65_PLUS",
-            "AGE_RANGE_UNKNOWN"
+            "AGE_RANGE_UNKNOWN",
+            "AGE_RANGE_18_20",
+            "AGE_RANGE_21_24",
+            "AGE_RANGE_25_29",
+            "AGE_RANGE_30_34",
+            "AGE_RANGE_35_39",
+            "AGE_RANGE_40_44",
+            "AGE_RANGE_45_49",
+            "AGE_RANGE_50_54",
+            "AGE_RANGE_55_59",
+            "AGE_RANGE_60_64"
           ],
           "enumDescriptions": [
             "Default value when age range is not specified in this version. This enum is a placeholder for default value and does not represent a real age range option.",
@@ -8507,7 +8517,17 @@
             "The age range of the audience is 45 to 54.",
             "The age range of the audience is 55 to 64.",
             "The age range of the audience is 65 and up.",
-            "The age range of the audience is unknown."
+            "The age range of the audience is unknown.",
+            "The age range of the audience is 18 to 20, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 21 to 24, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 25 to 29, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 30 to 34, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 35 to 39, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 40 to 44, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 45 to 49, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 50 to 54, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 55 to 59, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 60 to 64, only supported for the AdGroup of YouTube Programmatic Reservation line item."
           ],
           "type": "string"
         },
@@ -8532,7 +8552,17 @@
             "AGE_RANGE_45_54",
             "AGE_RANGE_55_64",
             "AGE_RANGE_65_PLUS",
-            "AGE_RANGE_UNKNOWN"
+            "AGE_RANGE_UNKNOWN",
+            "AGE_RANGE_18_20",
+            "AGE_RANGE_21_24",
+            "AGE_RANGE_25_29",
+            "AGE_RANGE_30_34",
+            "AGE_RANGE_35_39",
+            "AGE_RANGE_40_44",
+            "AGE_RANGE_45_49",
+            "AGE_RANGE_50_54",
+            "AGE_RANGE_55_59",
+            "AGE_RANGE_60_64"
           ],
           "enumDescriptions": [
             "Default value when age range is not specified in this version. This enum is a placeholder for default value and does not represent a real age range option.",
@@ -8542,7 +8572,17 @@
             "The age range of the audience is 45 to 54.",
             "The age range of the audience is 55 to 64.",
             "The age range of the audience is 65 and up.",
-            "The age range of the audience is unknown."
+            "The age range of the audience is unknown.",
+            "The age range of the audience is 18 to 20, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 21 to 24, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 25 to 29, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 30 to 34, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 35 to 39, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 40 to 44, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 45 to 49, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 50 to 54, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 55 to 59, only supported for the AdGroup of YouTube Programmatic Reservation line item.",
+            "The age range of the audience is 60 to 64, only supported for the AdGroup of YouTube Programmatic Reservation line item."
           ],
           "readOnly": true,
           "type": "string"
@@ -12572,9 +12612,12 @@
             "EXCHANGE_WAZE",
             "EXCHANGE_SOUNDCAST",
             "EXCHANGE_SHARETHROUGH",
+            "EXCHANGE_FYBER",
             "EXCHANGE_RED_FOR_PUBLISHERS",
             "EXCHANGE_MEDIANET",
-            "EXCHANGE_TAPJOY"
+            "EXCHANGE_TAPJOY",
+            "EXCHANGE_VISTAR",
+            "EXCHANGE_DAX"
           ],
           "enumDescriptions": [
             "Exchange is not specified or is unknown in this version.",
@@ -12640,9 +12683,12 @@
             "Waze.",
             "SoundCast.",
             "Sharethrough.",
+            "Fyber.",
             "Red For Publishers.",
             "Media.net.",
-            "Tapjoy."
+            "Tapjoy.",
+            "Vistar.",
+            "DAX."
           ],
           "type": "string"
         },
@@ -12734,9 +12780,12 @@
             "EXCHANGE_WAZE",
             "EXCHANGE_SOUNDCAST",
             "EXCHANGE_SHARETHROUGH",
+            "EXCHANGE_FYBER",
             "EXCHANGE_RED_FOR_PUBLISHERS",
             "EXCHANGE_MEDIANET",
-            "EXCHANGE_TAPJOY"
+            "EXCHANGE_TAPJOY",
+            "EXCHANGE_VISTAR",
+            "EXCHANGE_DAX"
           ],
           "enumDescriptions": [
             "Exchange is not specified or is unknown in this version.",
@@ -12802,9 +12851,12 @@
             "Waze.",
             "SoundCast.",
             "Sharethrough.",
+            "Fyber.",
             "Red For Publishers.",
             "Media.net.",
-            "Tapjoy."
+            "Tapjoy.",
+            "Vistar.",
+            "DAX."
           ],
           "type": "string"
         },
@@ -12897,9 +12949,12 @@
             "EXCHANGE_WAZE",
             "EXCHANGE_SOUNDCAST",
             "EXCHANGE_SHARETHROUGH",
+            "EXCHANGE_FYBER",
             "EXCHANGE_RED_FOR_PUBLISHERS",
             "EXCHANGE_MEDIANET",
-            "EXCHANGE_TAPJOY"
+            "EXCHANGE_TAPJOY",
+            "EXCHANGE_VISTAR",
+            "EXCHANGE_DAX"
           ],
           "enumDescriptions": [
             "Exchange is not specified or is unknown in this version.",
@@ -12965,9 +13020,12 @@
             "Waze.",
             "SoundCast.",
             "Sharethrough.",
+            "Fyber.",
             "Red For Publishers.",
             "Media.net.",
-            "Tapjoy."
+            "Tapjoy.",
+            "Vistar.",
+            "DAX."
           ],
           "readOnly": true,
           "type": "string"
@@ -13801,9 +13859,12 @@
             "EXCHANGE_WAZE",
             "EXCHANGE_SOUNDCAST",
             "EXCHANGE_SHARETHROUGH",
+            "EXCHANGE_FYBER",
             "EXCHANGE_RED_FOR_PUBLISHERS",
             "EXCHANGE_MEDIANET",
-            "EXCHANGE_TAPJOY"
+            "EXCHANGE_TAPJOY",
+            "EXCHANGE_VISTAR",
+            "EXCHANGE_DAX"
           ],
           "enumDescriptions": [
             "Exchange is not specified or is unknown in this version.",
@@ -13869,9 +13930,12 @@
             "Waze.",
             "SoundCast.",
             "Sharethrough.",
+            "Fyber.",
             "Red For Publishers.",
             "Media.net.",
-            "Tapjoy."
+            "Tapjoy.",
+            "Vistar.",
+            "DAX."
           ],
           "type": "string"
         },
@@ -14636,9 +14700,12 @@
             "EXCHANGE_WAZE",
             "EXCHANGE_SOUNDCAST",
             "EXCHANGE_SHARETHROUGH",
+            "EXCHANGE_FYBER",
             "EXCHANGE_RED_FOR_PUBLISHERS",
             "EXCHANGE_MEDIANET",
-            "EXCHANGE_TAPJOY"
+            "EXCHANGE_TAPJOY",
+            "EXCHANGE_VISTAR",
+            "EXCHANGE_DAX"
           ],
           "enumDescriptions": [
             "Exchange is not specified or is unknown in this version.",
@@ -14704,9 +14771,12 @@
             "Waze.",
             "SoundCast.",
             "Sharethrough.",
+            "Fyber.",
             "Red For Publishers.",
             "Media.net.",
-            "Tapjoy."
+            "Tapjoy.",
+            "Vistar.",
+            "DAX."
           ],
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/dlp.v2.json b/googleapiclient/discovery_cache/documents/dlp.v2.json
index b048dd71c51..87f5cad511f 100644
--- a/googleapiclient/discovery_cache/documents/dlp.v2.json
+++ b/googleapiclient/discovery_cache/documents/dlp.v2.json
@@ -1178,7 +1178,7 @@
                       "type": "string"
                     },
                     "parent": {
-                      "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
+                      "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
                       "location": "path",
                       "pattern": "^organizations/[^/]+/locations/[^/]+$",
                       "required": true,
@@ -1336,7 +1336,7 @@
                   "type": "string"
                 },
                 "parent": {
-                  "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
+                  "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
                   "location": "path",
                   "pattern": "^organizations/[^/]+$",
                   "required": true,
@@ -3206,7 +3206,7 @@
                       "type": "string"
                     },
                     "parent": {
-                      "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
+                      "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+$",
                       "required": true,
@@ -3364,7 +3364,7 @@
                   "type": "string"
                 },
                 "parent": {
-                  "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID + Organizations scope, location specified: `organizations/`ORG_ID`/locations/`LOCATION_ID + Organizations scope, no location specified (defaults to global): `organizations/`ORG_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
+                  "description": "Required. Parent resource name. The format of this value varies depending on the scope of the request (project or organization) and whether you have [specified a processing location](https://cloud.google.com/dlp/docs/specifying-location): + Projects scope, location specified: `projects/`PROJECT_ID`/locations/`LOCATION_ID + Projects scope, no location specified (defaults to global): `projects/`PROJECT_ID The following example `parent` string specifies a parent project with the identifier `example-project`, and specifies the `europe-west3` location for processing data: parent=projects/example-project/locations/europe-west3",
                   "location": "path",
                   "pattern": "^projects/[^/]+$",
                   "required": true,
@@ -3412,7 +3412,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://dlp.googleapis.com/",
   "schemas": {
     "GooglePrivacyDlpV2Action": {
@@ -3421,7 +3421,7 @@
       "properties": {
         "deidentify": {
           "$ref": "GooglePrivacyDlpV2Deidentify",
-          "description": "Create a de-identified copy of the input data. Applicable for non-image data only. The de-identified copy is in the same location as the original data."
+          "description": "Create a de-identified copy of the input data."
         },
         "jobNotificationEmails": {
           "$ref": "GooglePrivacyDlpV2JobNotificationEmails",
@@ -3456,6 +3456,18 @@
       "properties": {},
       "type": "object"
     },
+    "GooglePrivacyDlpV2AllInfoTypes": {
+      "description": "Apply transformation to all findings.",
+      "id": "GooglePrivacyDlpV2AllInfoTypes",
+      "properties": {},
+      "type": "object"
+    },
+    "GooglePrivacyDlpV2AllText": {
+      "description": "Apply to all text.",
+      "id": "GooglePrivacyDlpV2AllText",
+      "properties": {},
+      "type": "object"
+    },
     "GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails": {
       "description": "Result of a risk analysis operation request.",
       "id": "GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails",
@@ -4636,11 +4648,11 @@
       "type": "object"
     },
     "GooglePrivacyDlpV2Deidentify": {
-      "description": "Create a de-identified copy of the requested table or files. . A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect",
+      "description": "Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect",
       "id": "GooglePrivacyDlpV2Deidentify",
       "properties": {
         "cloudStorageOutput": {
-          "description": "Required. User settable GCS bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output GCS bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket",
+          "description": "Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket",
           "type": "string"
         },
         "fileTypesToTransform": {
@@ -4691,6 +4703,10 @@
       "description": "The configuration that controls how the data will change.",
       "id": "GooglePrivacyDlpV2DeidentifyConfig",
       "properties": {
+        "imageTransformations": {
+          "$ref": "GooglePrivacyDlpV2ImageTransformations",
+          "description": "Treat the dataset as an image and redact."
+        },
         "infoTypeTransformations": {
           "$ref": "GooglePrivacyDlpV2InfoTypeTransformations",
           "description": "Treat the dataset as free-form text and apply the same free text transformation everywhere."
@@ -5472,6 +5488,42 @@
       },
       "type": "object"
     },
+    "GooglePrivacyDlpV2ImageTransformation": {
+      "description": "Configuration for determining how redaction of images should occur.",
+      "id": "GooglePrivacyDlpV2ImageTransformation",
+      "properties": {
+        "allInfoTypes": {
+          "$ref": "GooglePrivacyDlpV2AllInfoTypes",
+          "description": "Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message."
+        },
+        "allText": {
+          "$ref": "GooglePrivacyDlpV2AllText",
+          "description": "Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message."
+        },
+        "redactionColor": {
+          "$ref": "GooglePrivacyDlpV2Color",
+          "description": "The color to use when redacting content from an image. If not specified, the default is black."
+        },
+        "selectedInfoTypes": {
+          "$ref": "GooglePrivacyDlpV2SelectedInfoTypes",
+          "description": "Apply transformation to the selected info_types."
+        }
+      },
+      "type": "object"
+    },
+    "GooglePrivacyDlpV2ImageTransformations": {
+      "description": "A type of transformation that is applied over images.",
+      "id": "GooglePrivacyDlpV2ImageTransformations",
+      "properties": {
+        "transforms": {
+          "items": {
+            "$ref": "GooglePrivacyDlpV2ImageTransformation"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "GooglePrivacyDlpV2InfoType": {
       "description": "Type of information detected by the API.",
       "id": "GooglePrivacyDlpV2InfoType",
@@ -5997,7 +6049,7 @@
       "type": "object"
     },
     "GooglePrivacyDlpV2JobNotificationEmails": {
-      "description": "Enable email notification to project owners and editors on jobs's completion/failure.",
+      "description": "Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).",
       "id": "GooglePrivacyDlpV2JobNotificationEmails",
       "properties": {},
       "type": "object"
@@ -7135,6 +7187,25 @@
       },
       "type": "object"
     },
+    "GooglePrivacyDlpV2RecordTransformation": {
+      "id": "GooglePrivacyDlpV2RecordTransformation",
+      "properties": {
+        "containerTimestamp": {
+          "description": "Findings container modification timestamp, if applicable.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "containerVersion": {
+          "description": "Container version, if available (\"generation\" for Cloud Storage).",
+          "type": "string"
+        },
+        "fieldId": {
+          "$ref": "GooglePrivacyDlpV2FieldId",
+          "description": "For record transformations, provide a field."
+        }
+      },
+      "type": "object"
+    },
     "GooglePrivacyDlpV2RecordTransformations": {
       "description": "A type of transformation that is applied over structured data such as a table.",
       "id": "GooglePrivacyDlpV2RecordTransformations",
@@ -7418,6 +7489,20 @@
       },
       "type": "object"
     },
+    "GooglePrivacyDlpV2SelectedInfoTypes": {
+      "description": "Apply transformation to the selected info_types.",
+      "id": "GooglePrivacyDlpV2SelectedInfoTypes",
+      "properties": {
+        "infoTypes": {
+          "description": "Required. InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message.",
+          "items": {
+            "$ref": "GooglePrivacyDlpV2InfoType"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "GooglePrivacyDlpV2SensitivityScore": {
       "description": "Score is a summary of all elements in the data profile. A higher number means more sensitive.",
       "id": "GooglePrivacyDlpV2SensitivityScore",
@@ -7971,6 +8056,98 @@
       },
       "type": "object"
     },
+    "GooglePrivacyDlpV2TransformationDescription": {
+      "description": "A flattened description of a `PrimitiveTransformation` or `RecordSuppression`.",
+      "id": "GooglePrivacyDlpV2TransformationDescription",
+      "properties": {
+        "condition": {
+          "description": "A human-readable string representation of the `RecordCondition` corresponding to this transformation. Set if a `RecordCondition` was used to determine whether or not to apply this transformation. Examples: * (age_field > 85) * (age_field <= 18) * (zip_field exists) * (zip_field == 01234) && (city_field != \"Springville\") * (zip_field == 01234) && (age_field <= 18) && (city_field exists)",
+          "type": "string"
+        },
+        "description": {
+          "description": "A description of the transformation. This is empty for a RECORD_SUPPRESSION, or is the output of calling toString() on the `PrimitiveTransformation` protocol buffer message for any other type of transformation.",
+          "type": "string"
+        },
+        "infoType": {
+          "$ref": "GooglePrivacyDlpV2InfoType",
+          "description": "Set if the transformation was limited to a specific `InfoType`."
+        },
+        "type": {
+          "description": "The transformation type.",
+          "enum": [
+            "TRANSFORMATION_TYPE_UNSPECIFIED",
+            "RECORD_SUPPRESSION",
+            "REPLACE_VALUE",
+            "REPLACE_DICTIONARY",
+            "REDACT",
+            "CHARACTER_MASK",
+            "CRYPTO_REPLACE_FFX_FPE",
+            "FIXED_SIZE_BUCKETING",
+            "BUCKETING",
+            "REPLACE_WITH_INFO_TYPE",
+            "TIME_PART",
+            "CRYPTO_HASH",
+            "DATE_SHIFT",
+            "CRYPTO_DETERMINISTIC_CONFIG",
+            "REDACT_IMAGE"
+          ],
+          "enumDescriptions": [
+            "Unused",
+            "Record suppression",
+            "Replace value",
+            "Replace value using a dictionary.",
+            "Redact",
+            "Character mask",
+            "FFX-FPE",
+            "Fixed size bucketing",
+            "Bucketing",
+            "Replace with info type",
+            "Time part",
+            "Crypto hash",
+            "Date shift",
+            "Deterministic crypto",
+            "Redact image"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GooglePrivacyDlpV2TransformationDetails": {
+      "description": "Details about a single transformation. This object contains a description of the transformation, information about whether the transformation was successfully applied, and the precise location where the transformation occurred. These details are stored in a user-specified BigQuery table.",
+      "id": "GooglePrivacyDlpV2TransformationDetails",
+      "properties": {
+        "containerName": {
+          "description": "The top level name of the container where the transformation is located (this will be the source file name or table name).",
+          "type": "string"
+        },
+        "resourceName": {
+          "description": "The name of the job that completed the transformation.",
+          "type": "string"
+        },
+        "statusDetails": {
+          "$ref": "GooglePrivacyDlpV2TransformationResultStatus",
+          "description": "Status of the transformation, if transformation was not successful, this will specify what caused it to fail, otherwise it will show that the transformation was successful."
+        },
+        "transformation": {
+          "description": "Description of transformation. This would only contain more than one element if there were multiple matching transformations and which one to apply was ambiguous. Not set for states that contain no transformation, currently only state that contains no transformation is TransformationResultStateType.METADATA_UNRETRIEVABLE.",
+          "items": {
+            "$ref": "GooglePrivacyDlpV2TransformationDescription"
+          },
+          "type": "array"
+        },
+        "transformationLocation": {
+          "$ref": "GooglePrivacyDlpV2TransformationLocation",
+          "description": "The precise location of the transformed content in the original container."
+        },
+        "transformedBytes": {
+          "description": "The number of bytes that were transformed. If transformation was unsuccessful or did not take place because there was no content to transform, this will be zero.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GooglePrivacyDlpV2TransformationDetailsStorageConfig": {
       "description": "Config for storing transformation details.",
       "id": "GooglePrivacyDlpV2TransformationDetailsStorageConfig",
@@ -7997,6 +8174,37 @@
       },
       "type": "object"
     },
+    "GooglePrivacyDlpV2TransformationLocation": {
+      "description": "Specifies the location of a transformation.",
+      "id": "GooglePrivacyDlpV2TransformationLocation",
+      "properties": {
+        "containerType": {
+          "description": "Information about the functionality of the container where this finding occurred, if available.",
+          "enum": [
+            "TRANSFORM_UNKNOWN_CONTAINER",
+            "TRANSFORM_BODY",
+            "TRANSFORM_METADATA",
+            "TRANSFORM_TABLE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "findingId": {
+          "description": "For infotype transformations, link to the corresponding findings ID so that location information does not need to be duplicated. Each findings ID correlates to an entry in the findings output table, this table only gets created when users specify to save findings (add the save findings action to the request).",
+          "type": "string"
+        },
+        "recordTransformation": {
+          "$ref": "GooglePrivacyDlpV2RecordTransformation",
+          "description": "For record transformations, provide a field and container information."
+        }
+      },
+      "type": "object"
+    },
     "GooglePrivacyDlpV2TransformationOverview": {
       "description": "Overview of the modifications that occurred.",
       "id": "GooglePrivacyDlpV2TransformationOverview",
@@ -8016,6 +8224,34 @@
       },
       "type": "object"
     },
+    "GooglePrivacyDlpV2TransformationResultStatus": {
+      "id": "GooglePrivacyDlpV2TransformationResultStatus",
+      "properties": {
+        "details": {
+          "$ref": "GoogleRpcStatus",
+          "description": "Detailed error codes and messages"
+        },
+        "resultStatusType": {
+          "description": "Transformation result status type, this will be either SUCCESS, or it will be the reason for why the transformation was not completely successful.",
+          "enum": [
+            "STATE_TYPE_UNSPECIFIED",
+            "INVALID_TRANSFORM",
+            "BIGQUERY_MAX_ROW_SIZE_EXCEEDED",
+            "METADATA_UNRETRIEVABLE",
+            "SUCCESS"
+          ],
+          "enumDescriptions": [
+            "",
+            "This will be set when a finding could not be transformed (i.e. outside user set bucket range).",
+            "This will be set when a BigQuery transformation was successful but could not be stored back in BigQuery because the transformed row exceeds BigQuery's max row size.",
+            "This will be set when there is a finding in the custom metadata of a file, but at the write time of the transformed file, this key / value pair is unretrievable.",
+            "This will be set when the transformation and storing of it is successful."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GooglePrivacyDlpV2TransformationSummary": {
       "description": "Summary of a single transformation. Only one of 'transformation', 'field_transformation', or 'record_suppress' will be set.",
       "id": "GooglePrivacyDlpV2TransformationSummary",
diff --git a/googleapiclient/discovery_cache/documents/dns.v1.json b/googleapiclient/discovery_cache/documents/dns.v1.json
index dd95433ac99..4727be678f6 100644
--- a/googleapiclient/discovery_cache/documents/dns.v1.json
+++ b/googleapiclient/discovery_cache/documents/dns.v1.json
@@ -1824,7 +1824,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220817",
   "rootUrl": "https://dns.googleapis.com/",
   "schemas": {
     "Change": {
diff --git a/googleapiclient/discovery_cache/documents/dns.v1beta2.json b/googleapiclient/discovery_cache/documents/dns.v1beta2.json
index a7f6d364455..71ba76d1dd9 100644
--- a/googleapiclient/discovery_cache/documents/dns.v1beta2.json
+++ b/googleapiclient/discovery_cache/documents/dns.v1beta2.json
@@ -1821,7 +1821,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220817",
   "rootUrl": "https://dns.googleapis.com/",
   "schemas": {
     "Change": {
diff --git a/googleapiclient/discovery_cache/documents/docs.v1.json b/googleapiclient/discovery_cache/documents/docs.v1.json
index 8c05241a828..fb06659ff7f 100644
--- a/googleapiclient/discovery_cache/documents/docs.v1.json
+++ b/googleapiclient/discovery_cache/documents/docs.v1.json
@@ -216,7 +216,7 @@
       }
     }
   },
-  "revision": "20220802",
+  "revision": "20220816",
   "rootUrl": "https://docs.googleapis.com/",
   "schemas": {
     "AutoText": {
diff --git a/googleapiclient/discovery_cache/documents/documentai.v1.json b/googleapiclient/discovery_cache/documents/documentai.v1.json
index b1b89ba10df..e6f1df1355e 100644
--- a/googleapiclient/discovery_cache/documents/documentai.v1.json
+++ b/googleapiclient/discovery_cache/documents/documentai.v1.json
@@ -1069,7 +1069,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220815",
   "rootUrl": "https://documentai.googleapis.com/",
   "schemas": {
     "GoogleCloudDocumentaiUiv1beta3BatchDeleteDocumentsMetadata": {
@@ -1085,6 +1085,11 @@
             "$ref": "GoogleCloudDocumentaiUiv1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus"
           },
           "type": "array"
+        },
+        "totalDocumentCount": {
+          "description": "Total number of documents deleting from dataset.",
+          "format": "int32",
+          "type": "integer"
         }
       },
       "type": "object"
@@ -1099,7 +1104,7 @@
         },
         "status": {
           "$ref": "GoogleRpcStatus",
-          "description": "The status of deleting the document."
+          "description": "The status of deleting the document in storage."
         }
       },
       "type": "object"
@@ -1412,6 +1417,13 @@
           "$ref": "GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata",
           "description": "The basic metadata of the long running operation."
         },
+        "importConfigValidationResults": {
+          "description": "Validation statuses of the batch documents import config.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult"
+          },
+          "type": "array"
+        },
         "individualImportStatuses": {
           "description": "The list of response details of each document.",
           "items": {
@@ -1427,6 +1439,21 @@
       },
       "type": "object"
     },
+    "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult": {
+      "description": "The validation status of each import config. Status is ok if the configuration is valid and the specified documents are valid for importing. Otherwise status will be set as errors.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult",
+      "properties": {
+        "inputGcsSource": {
+          "description": "The source Cloud Storage URI specified in the import config.",
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The validation status of import config."
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataIndividualImportStatus": {
       "description": "The status of each individual document in the import process.",
       "id": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataIndividualImportStatus",
@@ -1460,6 +1487,20 @@
           "$ref": "GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata",
           "description": "The basic metadata of the long running operation."
         },
+        "datasetResyncStatuses": {
+          "description": "The list of dataset resync statuses. Not checked when `dataset_documents` is specified in ResyncRequest.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus"
+          },
+          "type": "array"
+        },
+        "individualDocumentResyncStatuses": {
+          "description": "The list of document resync statuses. The same document could have multiple `individual_document_resync_statuses` if it has multiple inconsistencies.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus"
+          },
+          "type": "array"
+        },
         "newlyAddedDocuments": {
           "description": "Returns the newly added document Cloud Storage prefix if the documents are founded in Cloud Storage while not in Document Service storage.",
           "items": {
@@ -1470,6 +1511,60 @@
       },
       "type": "object"
     },
+    "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus": {
+      "description": "Resync status against inconsistency types on the dataset level.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus",
+      "properties": {
+        "datasetInconsistencyType": {
+          "description": "The type of the inconsistency of the dataset.",
+          "enum": [
+            "DATASET_INCONSISTENCY_TYPE_UNSPECIFIED",
+            "DATASET_INCONSISTENCY_TYPE_NO_STORAGE_MARKER"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "The marker file under the dataset folder is not found."
+          ],
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The status of resyncing the dataset with regards to the detected inconsistency. Empty if `validate_only` is true in the request."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus": {
+      "description": "Resync status for each document per inconsistency type.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus",
+      "properties": {
+        "documentId": {
+          "$ref": "GoogleCloudDocumentaiUiv1beta3DocumentId",
+          "description": "The document identifier."
+        },
+        "documentInconsistencyType": {
+          "description": "The type of document inconsistency.",
+          "enum": [
+            "DOCUMENT_INCONSISTENCY_TYPE_UNSPECIFIED",
+            "DOCUMENT_INCONSISTENCY_TYPE_INVALID_DOCPROTO",
+            "DOCUMENT_INCONSISTENCY_TYPE_MISMATCHED_METADATA",
+            "DOCUMENT_INCONSISTENCY_TYPE_NO_PAGE_IMAGE"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "The document proto is invalid.",
+            "Indexed docproto metadata is mismatched.",
+            "The page image or thumbnails are missing."
+          ],
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The status of resyncing the document with regards to the detected inconsistency. Empty if `validate_only` is true in the request."
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataUpdatedDocument": {
       "description": "The proto for updated document in resync pipeline.",
       "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataUpdatedDocument",
@@ -2012,10 +2107,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
@@ -2889,7 +2980,7 @@
           "description": "If specified, lists all the possible values for this entity. This should not be more than a handful of values. If the number of values is >10 or could change frequently use the `EntityType.value_ontology` field and specify a list of all possible values in a value ontology file."
         },
         "name": {
-          "description": "Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters [a-z0-9_-]. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.",
+          "description": "Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters `[a-z0-9_-]`. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.",
           "type": "string"
         },
         "properties": {
@@ -3890,10 +3981,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1beta1DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
@@ -5128,10 +5215,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1beta2DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
diff --git a/googleapiclient/discovery_cache/documents/documentai.v1beta2.json b/googleapiclient/discovery_cache/documents/documentai.v1beta2.json
index 1296c15a0aa..8fe3c1b35f5 100644
--- a/googleapiclient/discovery_cache/documents/documentai.v1beta2.json
+++ b/googleapiclient/discovery_cache/documents/documentai.v1beta2.json
@@ -292,7 +292,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220815",
   "rootUrl": "https://documentai.googleapis.com/",
   "schemas": {
     "GoogleCloudDocumentaiUiv1beta3BatchDeleteDocumentsMetadata": {
@@ -308,6 +308,11 @@
             "$ref": "GoogleCloudDocumentaiUiv1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus"
           },
           "type": "array"
+        },
+        "totalDocumentCount": {
+          "description": "Total number of documents deleting from dataset.",
+          "format": "int32",
+          "type": "integer"
         }
       },
       "type": "object"
@@ -322,7 +327,7 @@
         },
         "status": {
           "$ref": "GoogleRpcStatus",
-          "description": "The status of deleting the document."
+          "description": "The status of deleting the document in storage."
         }
       },
       "type": "object"
@@ -635,6 +640,13 @@
           "$ref": "GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata",
           "description": "The basic metadata of the long running operation."
         },
+        "importConfigValidationResults": {
+          "description": "Validation statuses of the batch documents import config.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult"
+          },
+          "type": "array"
+        },
         "individualImportStatuses": {
           "description": "The list of response details of each document.",
           "items": {
@@ -650,6 +662,21 @@
       },
       "type": "object"
     },
+    "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult": {
+      "description": "The validation status of each import config. Status is ok if the configuration is valid and the specified documents are valid for importing. Otherwise status will be set as errors.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult",
+      "properties": {
+        "inputGcsSource": {
+          "description": "The source Cloud Storage URI specified in the import config.",
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The validation status of import config."
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataIndividualImportStatus": {
       "description": "The status of each individual document in the import process.",
       "id": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataIndividualImportStatus",
@@ -683,6 +710,20 @@
           "$ref": "GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata",
           "description": "The basic metadata of the long running operation."
         },
+        "datasetResyncStatuses": {
+          "description": "The list of dataset resync statuses. Not checked when `dataset_documents` is specified in ResyncRequest.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus"
+          },
+          "type": "array"
+        },
+        "individualDocumentResyncStatuses": {
+          "description": "The list of document resync statuses. The same document could have multiple `individual_document_resync_statuses` if it has multiple inconsistencies.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus"
+          },
+          "type": "array"
+        },
         "newlyAddedDocuments": {
           "description": "Returns the newly added document Cloud Storage prefix if the documents are founded in Cloud Storage while not in Document Service storage.",
           "items": {
@@ -693,6 +734,60 @@
       },
       "type": "object"
     },
+    "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus": {
+      "description": "Resync status against inconsistency types on the dataset level.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus",
+      "properties": {
+        "datasetInconsistencyType": {
+          "description": "The type of the inconsistency of the dataset.",
+          "enum": [
+            "DATASET_INCONSISTENCY_TYPE_UNSPECIFIED",
+            "DATASET_INCONSISTENCY_TYPE_NO_STORAGE_MARKER"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "The marker file under the dataset folder is not found."
+          ],
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The status of resyncing the dataset with regards to the detected inconsistency. Empty if `validate_only` is true in the request."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus": {
+      "description": "Resync status for each document per inconsistency type.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus",
+      "properties": {
+        "documentId": {
+          "$ref": "GoogleCloudDocumentaiUiv1beta3DocumentId",
+          "description": "The document identifier."
+        },
+        "documentInconsistencyType": {
+          "description": "The type of document inconsistency.",
+          "enum": [
+            "DOCUMENT_INCONSISTENCY_TYPE_UNSPECIFIED",
+            "DOCUMENT_INCONSISTENCY_TYPE_INVALID_DOCPROTO",
+            "DOCUMENT_INCONSISTENCY_TYPE_MISMATCHED_METADATA",
+            "DOCUMENT_INCONSISTENCY_TYPE_NO_PAGE_IMAGE"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "The document proto is invalid.",
+            "Indexed docproto metadata is mismatched.",
+            "The page image or thumbnails are missing."
+          ],
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The status of resyncing the document with regards to the detected inconsistency. Empty if `validate_only` is true in the request."
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataUpdatedDocument": {
       "description": "The proto for updated document in resync pipeline.",
       "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataUpdatedDocument",
@@ -1387,10 +1482,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1beta1DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
@@ -2650,10 +2741,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1beta2DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
diff --git a/googleapiclient/discovery_cache/documents/documentai.v1beta3.json b/googleapiclient/discovery_cache/documents/documentai.v1beta3.json
index d271588c80f..9d31924a091 100644
--- a/googleapiclient/discovery_cache/documents/documentai.v1beta3.json
+++ b/googleapiclient/discovery_cache/documents/documentai.v1beta3.json
@@ -836,7 +836,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220815",
   "rootUrl": "https://documentai.googleapis.com/",
   "schemas": {
     "GoogleCloudDocumentaiUiv1beta3BatchDeleteDocumentsMetadata": {
@@ -852,6 +852,11 @@
             "$ref": "GoogleCloudDocumentaiUiv1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus"
           },
           "type": "array"
+        },
+        "totalDocumentCount": {
+          "description": "Total number of documents deleting from dataset.",
+          "format": "int32",
+          "type": "integer"
         }
       },
       "type": "object"
@@ -866,7 +871,7 @@
         },
         "status": {
           "$ref": "GoogleRpcStatus",
-          "description": "The status of deleting the document."
+          "description": "The status of deleting the document in storage."
         }
       },
       "type": "object"
@@ -1179,6 +1184,13 @@
           "$ref": "GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata",
           "description": "The basic metadata of the long running operation."
         },
+        "importConfigValidationResults": {
+          "description": "Validation statuses of the batch documents import config.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult"
+          },
+          "type": "array"
+        },
         "individualImportStatuses": {
           "description": "The list of response details of each document.",
           "items": {
@@ -1194,6 +1206,21 @@
       },
       "type": "object"
     },
+    "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult": {
+      "description": "The validation status of each import config. Status is ok if the configuration is valid and the specified documents are valid for importing. Otherwise status will be set as errors.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataImportConfigValidationResult",
+      "properties": {
+        "inputGcsSource": {
+          "description": "The source Cloud Storage URI specified in the import config.",
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The validation status of import config."
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataIndividualImportStatus": {
       "description": "The status of each individual document in the import process.",
       "id": "GoogleCloudDocumentaiUiv1beta3ImportDocumentsMetadataIndividualImportStatus",
@@ -1227,6 +1254,20 @@
           "$ref": "GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata",
           "description": "The basic metadata of the long running operation."
         },
+        "datasetResyncStatuses": {
+          "description": "The list of dataset resync statuses. Not checked when `dataset_documents` is specified in ResyncRequest.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus"
+          },
+          "type": "array"
+        },
+        "individualDocumentResyncStatuses": {
+          "description": "The list of document resync statuses. The same document could have multiple `individual_document_resync_statuses` if it has multiple inconsistencies.",
+          "items": {
+            "$ref": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus"
+          },
+          "type": "array"
+        },
         "newlyAddedDocuments": {
           "description": "Returns the newly added document Cloud Storage prefix if the documents are founded in Cloud Storage while not in Document Service storage.",
           "items": {
@@ -1237,6 +1278,60 @@
       },
       "type": "object"
     },
+    "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus": {
+      "description": "Resync status against inconsistency types on the dataset level.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataDatasetResyncStatus",
+      "properties": {
+        "datasetInconsistencyType": {
+          "description": "The type of the inconsistency of the dataset.",
+          "enum": [
+            "DATASET_INCONSISTENCY_TYPE_UNSPECIFIED",
+            "DATASET_INCONSISTENCY_TYPE_NO_STORAGE_MARKER"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "The marker file under the dataset folder is not found."
+          ],
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The status of resyncing the dataset with regards to the detected inconsistency. Empty if `validate_only` is true in the request."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus": {
+      "description": "Resync status for each document per inconsistency type.",
+      "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataIndividualDocumentResyncStatus",
+      "properties": {
+        "documentId": {
+          "$ref": "GoogleCloudDocumentaiUiv1beta3DocumentId",
+          "description": "The document identifier."
+        },
+        "documentInconsistencyType": {
+          "description": "The type of document inconsistency.",
+          "enum": [
+            "DOCUMENT_INCONSISTENCY_TYPE_UNSPECIFIED",
+            "DOCUMENT_INCONSISTENCY_TYPE_INVALID_DOCPROTO",
+            "DOCUMENT_INCONSISTENCY_TYPE_MISMATCHED_METADATA",
+            "DOCUMENT_INCONSISTENCY_TYPE_NO_PAGE_IMAGE"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "The document proto is invalid.",
+            "Indexed docproto metadata is mismatched.",
+            "The page image or thumbnails are missing."
+          ],
+          "type": "string"
+        },
+        "status": {
+          "$ref": "GoogleRpcStatus",
+          "description": "The status of resyncing the document with regards to the detected inconsistency. Empty if `validate_only` is true in the request."
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataUpdatedDocument": {
       "description": "The proto for updated document in resync pipeline.",
       "id": "GoogleCloudDocumentaiUiv1beta3ResyncDatasetMetadataUpdatedDocument",
@@ -1931,10 +2026,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1beta1DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
@@ -3169,10 +3260,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1beta2DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
@@ -4678,10 +4765,6 @@
           "description": "Optional. Text value in the document e.g. `1600 Amphitheatre Pkwy`. If the entity is not present in the document, this field will be empty.",
           "type": "string"
         },
-        "nonPresent": {
-          "description": "Optional. This attribute indicates that the processing didn't actually identify this entity, but a confidence score was assigned that represent the potential that this could be a false negative. A non-present entity should have an empty mention_text and text_anchor.",
-          "type": "boolean"
-        },
         "normalizedValue": {
           "$ref": "GoogleCloudDocumentaiV1beta3DocumentEntityNormalizedValue",
           "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types."
@@ -5555,7 +5638,7 @@
           "description": "If specified, lists all the possible values for this entity. This should not be more than a handful of values. If the number of values is >10 or could change frequently use the `EntityType.value_ontology` field and specify a list of all possible values in a value ontology file."
         },
         "name": {
-          "description": "Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters [a-z0-9_-]. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.",
+          "description": "Name of the type. It must be unique within the schema file and cannot be a 'Common Type'. Besides that we use the following naming conventions: - *use snake_casing* - name matching is case-insensitive - Maximum 64 characters. - Must start with a letter. - Allowed characters: ASCII letters `[a-z0-9_-]`. (For backward compatibility internal infrastructure and tooling can handle any ascii character) - The '/' is sometimes used to denote a property of a type. For example line_item/amount. This convention is deprecated, but will still be honored for backward compatibility.",
           "type": "string"
         },
         "properties": {
diff --git a/googleapiclient/discovery_cache/documents/domainsrdap.v1.json b/googleapiclient/discovery_cache/documents/domainsrdap.v1.json
index 6e8ec543413..297393908b8 100644
--- a/googleapiclient/discovery_cache/documents/domainsrdap.v1.json
+++ b/googleapiclient/discovery_cache/documents/domainsrdap.v1.json
@@ -289,7 +289,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220822",
   "rootUrl": "https://domainsrdap.googleapis.com/",
   "schemas": {
     "HttpBody": {
diff --git a/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v1.1.json b/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v1.1.json
index 8132ab7e4e1..7087e47145d 100644
--- a/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v1.1.json
+++ b/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v1.1.json
@@ -280,7 +280,7 @@
       }
     }
   },
-  "revision": "20220803",
+  "revision": "20220812",
   "rootUrl": "https://doubleclickbidmanager.googleapis.com/",
   "schemas": {
     "ChannelGrouping": {
diff --git a/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v2.json b/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v2.json
index 3c3cb4d4d0c..830a64de811 100644
--- a/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v2.json
+++ b/googleapiclient/discovery_cache/documents/doubleclickbidmanager.v2.json
@@ -320,7 +320,7 @@
       }
     }
   },
-  "revision": "20220803",
+  "revision": "20220812",
   "rootUrl": "https://doubleclickbidmanager.googleapis.com/",
   "schemas": {
     "ChannelGrouping": {
diff --git a/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json b/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json
index b6915513d72..d3e6e06602e 100644
--- a/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json
+++ b/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json
@@ -434,7 +434,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220816",
   "rootUrl": "https://doubleclicksearch.googleapis.com/",
   "schemas": {
     "Availability": {
diff --git a/googleapiclient/discovery_cache/documents/drive.v2.json b/googleapiclient/discovery_cache/documents/drive.v2.json
index 404e84a197a..8b979aec1a5 100644
--- a/googleapiclient/discovery_cache/documents/drive.v2.json
+++ b/googleapiclient/discovery_cache/documents/drive.v2.json
@@ -38,7 +38,7 @@
   "description": "Manages files in Drive including uploading, downloading, searching, detecting changes, and updating sharing permissions.",
   "discoveryVersion": "v1",
   "documentationLink": "https://developers.google.com/drive/",
-  "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/JbfHi78DCsF8d6nzoLgyNUV6FYA\"",
+  "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/Pp29cn2zOwAam8Wlmn7HNXRwCW0\"",
   "icons": {
     "x16": "https://ssl.gstatic.com/docs/doclist/images/drive_icon_16.png",
     "x32": "https://ssl.gstatic.com/docs/doclist/images/drive_icon_32.png"
@@ -3668,7 +3668,7 @@
       }
     }
   },
-  "revision": "20220731",
+  "revision": "20220815",
   "rootUrl": "https://www.googleapis.com/",
   "schemas": {
     "About": {
@@ -5337,6 +5337,14 @@
           "description": "A link back to this file.",
           "type": "string"
         },
+        "sha1Checksum": {
+          "description": "The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.",
+          "type": "string"
+        },
+        "sha256Checksum": {
+          "description": "The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.",
+          "type": "string"
+        },
         "shareable": {
           "description": "Deprecated: use capabilities/canShare.",
           "type": "boolean"
diff --git a/googleapiclient/discovery_cache/documents/drive.v3.json b/googleapiclient/discovery_cache/documents/drive.v3.json
index 3c8aeb484ec..6211bb54eee 100644
--- a/googleapiclient/discovery_cache/documents/drive.v3.json
+++ b/googleapiclient/discovery_cache/documents/drive.v3.json
@@ -35,7 +35,7 @@
   "description": "Manages files in Drive including uploading, downloading, searching, detecting changes, and updating sharing permissions.",
   "discoveryVersion": "v1",
   "documentationLink": "https://developers.google.com/drive/",
-  "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/VCCFBo2z8WR1neuZtXyVMGMd-L4\"",
+  "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/WveG9q_CVnWogOpzbn8ICFVS5lc\"",
   "icons": {
     "x16": "https://ssl.gstatic.com/docs/doclist/images/drive_icon_16.png",
     "x32": "https://ssl.gstatic.com/docs/doclist/images/drive_icon_32.png"
@@ -2312,7 +2312,7 @@
       }
     }
   },
-  "revision": "20220731",
+  "revision": "20220815",
   "rootUrl": "https://www.googleapis.com/",
   "schemas": {
     "About": {
@@ -3412,6 +3412,14 @@
           "description": "A key needed to access the item via a shared link.",
           "type": "string"
         },
+        "sha1Checksum": {
+          "description": "The SHA1 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.",
+          "type": "string"
+        },
+        "sha256Checksum": {
+          "description": "The SHA256 checksum associated with this file, if available. This field is only populated for files with content stored in Google Drive; it is not populated for Docs Editors or shortcut files.",
+          "type": "string"
+        },
         "shared": {
           "description": "Whether the file has been shared. Not populated for items in shared drives.",
           "type": "boolean"
diff --git a/googleapiclient/discovery_cache/documents/driveactivity.v2.json b/googleapiclient/discovery_cache/documents/driveactivity.v2.json
index 76ac9499db3..71f22be3f78 100644
--- a/googleapiclient/discovery_cache/documents/driveactivity.v2.json
+++ b/googleapiclient/discovery_cache/documents/driveactivity.v2.json
@@ -132,7 +132,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220817",
   "rootUrl": "https://driveactivity.googleapis.com/",
   "schemas": {
     "Action": {
diff --git a/googleapiclient/discovery_cache/documents/drivelabels.v2.json b/googleapiclient/discovery_cache/documents/drivelabels.v2.json
index fedeaab5b16..91a16c8a14f 100644
--- a/googleapiclient/discovery_cache/documents/drivelabels.v2.json
+++ b/googleapiclient/discovery_cache/documents/drivelabels.v2.json
@@ -217,7 +217,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220817",
   "rootUrl": "https://drivelabels.googleapis.com/",
   "schemas": {
     "GoogleAppsDriveLabelsV2BadgeColors": {
diff --git a/googleapiclient/discovery_cache/documents/drivelabels.v2beta.json b/googleapiclient/discovery_cache/documents/drivelabels.v2beta.json
index 041fb6f0307..544a39c90ad 100644
--- a/googleapiclient/discovery_cache/documents/drivelabels.v2beta.json
+++ b/googleapiclient/discovery_cache/documents/drivelabels.v2beta.json
@@ -888,7 +888,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220817",
   "rootUrl": "https://drivelabels.googleapis.com/",
   "schemas": {
     "GoogleAppsDriveLabelsV2betaBadgeColors": {
diff --git a/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json b/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json
index 4213f4d40e5..cf0eaceaec7 100644
--- a/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json
+++ b/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json
@@ -850,7 +850,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220818",
   "rootUrl": "https://essentialcontacts.googleapis.com/",
   "schemas": {
     "GoogleCloudEssentialcontactsV1ComputeContactsResponse": {
diff --git a/googleapiclient/discovery_cache/documents/eventarc.v1.json b/googleapiclient/discovery_cache/documents/eventarc.v1.json
index c44043bb564..9aac00e313b 100644
--- a/googleapiclient/discovery_cache/documents/eventarc.v1.json
+++ b/googleapiclient/discovery_cache/documents/eventarc.v1.json
@@ -1197,7 +1197,7 @@
       }
     }
   },
-  "revision": "20220727",
+  "revision": "20220819",
   "rootUrl": "https://eventarc.googleapis.com/",
   "schemas": {
     "AuditConfig": {
@@ -1257,7 +1257,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json b/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json
index 7a868252fb0..6e8983e5280 100644
--- a/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json
@@ -584,7 +584,7 @@
       }
     }
   },
-  "revision": "20220727",
+  "revision": "20220812",
   "rootUrl": "https://eventarc.googleapis.com/",
   "schemas": {
     "AuditConfig": {
@@ -644,7 +644,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json b/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json
index 525204b631b..f6339256291 100644
--- a/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json
@@ -304,7 +304,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://factchecktools.googleapis.com/",
   "schemas": {
     "GoogleFactcheckingFactchecktoolsV1alpha1Claim": {
diff --git a/googleapiclient/discovery_cache/documents/fcm.v1.json b/googleapiclient/discovery_cache/documents/fcm.v1.json
index 7b00d99445b..7d824d09eaf 100644
--- a/googleapiclient/discovery_cache/documents/fcm.v1.json
+++ b/googleapiclient/discovery_cache/documents/fcm.v1.json
@@ -146,7 +146,7 @@
       }
     }
   },
-  "revision": "20220801",
+  "revision": "20220815",
   "rootUrl": "https://fcm.googleapis.com/",
   "schemas": {
     "AndroidConfig": {
diff --git a/googleapiclient/discovery_cache/documents/fcmdata.v1beta1.json b/googleapiclient/discovery_cache/documents/fcmdata.v1beta1.json
index 555823fcff5..20c027bfff6 100644
--- a/googleapiclient/discovery_cache/documents/fcmdata.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/fcmdata.v1beta1.json
@@ -154,7 +154,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://fcmdata.googleapis.com/",
   "schemas": {
     "GoogleFirebaseFcmDataV1beta1AndroidDeliveryData": {
diff --git a/googleapiclient/discovery_cache/documents/firebase.v1beta1.json b/googleapiclient/discovery_cache/documents/firebase.v1beta1.json
index 891a7a10ba8..183841da377 100644
--- a/googleapiclient/discovery_cache/documents/firebase.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/firebase.v1beta1.json
@@ -341,6 +341,11 @@
               "description": "Token returned from a previous call to `ListFirebaseProjects` indicating where in the set of Projects to resume listing.",
               "location": "query",
               "type": "string"
+            },
+            "showDeleted": {
+              "description": "Optional. Controls whether Projects in the DELETING state should be returned. Defaults to false.",
+              "location": "query",
+              "type": "boolean"
             }
           },
           "path": "v1beta1/projects",
@@ -662,6 +667,34 @@
               "scopes": [
                 "https://www.googleapis.com/auth/cloud-platform"
               ]
+            },
+            "undelete": {
+              "description": "Restores the specified AndroidApp to the project.",
+              "flatPath": "v1beta1/projects/{projectsId}/androidApps/{androidAppsId}:undelete",
+              "httpMethod": "POST",
+              "id": "firebase.projects.androidApps.undelete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. The resource name of the AndroidApp, in the format: projects/ PROJECT_IDENTIFIER/androidApps/APP_ID Since an APP_ID is a unique identifier, the Unique Resource from Sub-Collection access pattern may be used here, in the format: projects/-/androidApps/APP_ID Refer to the AndroidApp [name](../projects.androidApps#AndroidApp.FIELDS.name) field for details about PROJECT_IDENTIFIER and APP_ID values.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/androidApps/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1beta1/{+name}:undelete",
+              "request": {
+                "$ref": "UndeleteAndroidAppRequest"
+              },
+              "response": {
+                "$ref": "Operation"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
             }
           },
           "resources": {
@@ -1023,6 +1056,34 @@
               "scopes": [
                 "https://www.googleapis.com/auth/cloud-platform"
               ]
+            },
+            "undelete": {
+              "description": "Restores the specified IosApp to the project.",
+              "flatPath": "v1beta1/projects/{projectsId}/iosApps/{iosAppsId}:undelete",
+              "httpMethod": "POST",
+              "id": "firebase.projects.iosApps.undelete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. The resource name of the IosApp, in the format: projects/ PROJECT_IDENTIFIER/iosApps/APP_ID Since an APP_ID is a unique identifier, the Unique Resource from Sub-Collection access pattern may be used here, in the format: projects/-/iosApps/APP_ID Refer to the IosApp [name](../projects.iosApps#IosApp.FIELDS.name) field for details about PROJECT_IDENTIFIER and APP_ID values.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/iosApps/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1beta1/{+name}:undelete",
+              "request": {
+                "$ref": "UndeleteIosAppRequest"
+              },
+              "response": {
+                "$ref": "Operation"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
             }
           }
         },
@@ -1219,13 +1280,41 @@
               "scopes": [
                 "https://www.googleapis.com/auth/cloud-platform"
               ]
+            },
+            "undelete": {
+              "description": "Restores the specified WebApp to the project.",
+              "flatPath": "v1beta1/projects/{projectsId}/webApps/{webAppsId}:undelete",
+              "httpMethod": "POST",
+              "id": "firebase.projects.webApps.undelete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. The resource name of the WebApp, in the format: projects/ PROJECT_IDENTIFIER/webApps/APP_ID Since an APP_ID is a unique identifier, the Unique Resource from Sub-Collection access pattern may be used here, in the format: projects/-/webApps/APP_ID Refer to the WebApp [name](../projects.webApps#WebApp.FIELDS.name) field for details about PROJECT_IDENTIFIER and APP_ID values.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/webApps/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1beta1/{+name}:undelete",
+              "request": {
+                "$ref": "UndeleteWebAppRequest"
+              },
+              "response": {
+                "$ref": "Operation"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
             }
           }
         }
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://firebase.googleapis.com/",
   "schemas": {
     "AddFirebaseRequest": {
@@ -1342,20 +1431,6 @@
           "readOnly": true,
           "type": "string"
         },
-        "sha1Hashes": {
-          "description": "The SHA1 certificate hashes for the AndroidApp.",
-          "items": {
-            "type": "string"
-          },
-          "type": "array"
-        },
-        "sha256Hashes": {
-          "description": "The SHA256 certificate hashes for the AndroidApp.",
-          "items": {
-            "type": "string"
-          },
-          "type": "array"
-        },
         "state": {
           "description": "Output only. The lifecycle state of the App.",
           "enum": [
@@ -2027,6 +2102,48 @@
       },
       "type": "object"
     },
+    "UndeleteAndroidAppRequest": {
+      "id": "UndeleteAndroidAppRequest",
+      "properties": {
+        "etag": {
+          "description": "Checksum provided in the AndroidApp entity, which if provided ensures the client has an up-to-date value before proceeding.",
+          "type": "string"
+        },
+        "validateOnly": {
+          "description": "If set to true, only validate the request and do not undelete the app.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "UndeleteIosAppRequest": {
+      "id": "UndeleteIosAppRequest",
+      "properties": {
+        "etag": {
+          "description": "Checksum provided in the IosApp entity, which if provided ensures the client has an up-to-date value before proceeding.",
+          "type": "string"
+        },
+        "validateOnly": {
+          "description": "If set to true, only validate the request and do not undelete the app.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "UndeleteWebAppRequest": {
+      "id": "UndeleteWebAppRequest",
+      "properties": {
+        "etag": {
+          "description": "Checksum provided in the WebApp entity, which if provided ensures the client has an up-to-date value before proceeding.",
+          "type": "string"
+        },
+        "validateOnly": {
+          "description": "If set to true, only validate the request and do not undelete the app.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
     "WebApp": {
       "description": "Details of a Firebase App for the web.",
       "id": "WebApp",
diff --git a/googleapiclient/discovery_cache/documents/firebaseappcheck.v1.json b/googleapiclient/discovery_cache/documents/firebaseappcheck.v1.json
index 8b61c51aa27..7042783dd32 100644
--- a/googleapiclient/discovery_cache/documents/firebaseappcheck.v1.json
+++ b/googleapiclient/discovery_cache/documents/firebaseappcheck.v1.json
@@ -1338,7 +1338,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://firebaseappcheck.googleapis.com/",
   "schemas": {
     "GoogleFirebaseAppcheckV1AppAttestConfig": {
diff --git a/googleapiclient/discovery_cache/documents/firebaseappcheck.v1beta.json b/googleapiclient/discovery_cache/documents/firebaseappcheck.v1beta.json
index d8f69dedd3e..283afcd0d9b 100644
--- a/googleapiclient/discovery_cache/documents/firebaseappcheck.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/firebaseappcheck.v1beta.json
@@ -1464,7 +1464,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://firebaseappcheck.googleapis.com/",
   "schemas": {
     "GoogleFirebaseAppcheckV1betaAppAttestConfig": {
diff --git a/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json b/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json
index 30cffa430ed..e0b95fc90df 100644
--- a/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json
@@ -351,7 +351,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://firebasedatabase.googleapis.com/",
   "schemas": {
     "DatabaseInstance": {
diff --git a/googleapiclient/discovery_cache/documents/firebasedynamiclinks.v1.json b/googleapiclient/discovery_cache/documents/firebasedynamiclinks.v1.json
index 9457910fef2..b0b2f429f63 100644
--- a/googleapiclient/discovery_cache/documents/firebasedynamiclinks.v1.json
+++ b/googleapiclient/discovery_cache/documents/firebasedynamiclinks.v1.json
@@ -224,7 +224,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220817",
   "rootUrl": "https://firebasedynamiclinks.googleapis.com/",
   "schemas": {
     "AnalyticsInfo": {
diff --git a/googleapiclient/discovery_cache/documents/firebasehosting.v1.json b/googleapiclient/discovery_cache/documents/firebasehosting.v1.json
index a1db8e4366f..ff97cab658c 100644
--- a/googleapiclient/discovery_cache/documents/firebasehosting.v1.json
+++ b/googleapiclient/discovery_cache/documents/firebasehosting.v1.json
@@ -186,7 +186,7 @@
       }
     }
   },
-  "revision": "20220727",
+  "revision": "20220819",
   "rootUrl": "https://firebasehosting.googleapis.com/",
   "schemas": {
     "CancelOperationRequest": {
diff --git a/googleapiclient/discovery_cache/documents/firebasehosting.v1beta1.json b/googleapiclient/discovery_cache/documents/firebasehosting.v1beta1.json
index 3a5dcd90690..bad5a99765f 100644
--- a/googleapiclient/discovery_cache/documents/firebasehosting.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/firebasehosting.v1beta1.json
@@ -1939,7 +1939,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220819",
   "rootUrl": "https://firebasehosting.googleapis.com/",
   "schemas": {
     "ActingUser": {
diff --git a/googleapiclient/discovery_cache/documents/firebaseml.v1.json b/googleapiclient/discovery_cache/documents/firebaseml.v1.json
index ed71879d94c..9fc3cf26102 100644
--- a/googleapiclient/discovery_cache/documents/firebaseml.v1.json
+++ b/googleapiclient/discovery_cache/documents/firebaseml.v1.json
@@ -204,7 +204,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220817",
   "rootUrl": "https://firebaseml.googleapis.com/",
   "schemas": {
     "CancelOperationRequest": {
diff --git a/googleapiclient/discovery_cache/documents/firebaseml.v1beta2.json b/googleapiclient/discovery_cache/documents/firebaseml.v1beta2.json
index e3c41d68026..2afc2cef6d6 100644
--- a/googleapiclient/discovery_cache/documents/firebaseml.v1beta2.json
+++ b/googleapiclient/discovery_cache/documents/firebaseml.v1beta2.json
@@ -318,7 +318,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220817",
   "rootUrl": "https://firebaseml.googleapis.com/",
   "schemas": {
     "DownloadModelResponse": {
diff --git a/googleapiclient/discovery_cache/documents/firebaserules.v1.json b/googleapiclient/discovery_cache/documents/firebaserules.v1.json
index 8d44f13b75c..896d4cf116d 100644
--- a/googleapiclient/discovery_cache/documents/firebaserules.v1.json
+++ b/googleapiclient/discovery_cache/documents/firebaserules.v1.json
@@ -477,7 +477,7 @@
       }
     }
   },
-  "revision": "20220712",
+  "revision": "20220810",
   "rootUrl": "https://firebaserules.googleapis.com/",
   "schemas": {
     "Arg": {
diff --git a/googleapiclient/discovery_cache/documents/firebasestorage.v1beta.json b/googleapiclient/discovery_cache/documents/firebasestorage.v1beta.json
index 3ba719b14f9..2476decb055 100644
--- a/googleapiclient/discovery_cache/documents/firebasestorage.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/firebasestorage.v1beta.json
@@ -238,7 +238,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://firebasestorage.googleapis.com/",
   "schemas": {
     "AddFirebaseRequest": {
diff --git a/googleapiclient/discovery_cache/documents/fitness.v1.json b/googleapiclient/discovery_cache/documents/fitness.v1.json
index 900b343f804..933679b98ec 100644
--- a/googleapiclient/discovery_cache/documents/fitness.v1.json
+++ b/googleapiclient/discovery_cache/documents/fitness.v1.json
@@ -831,7 +831,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220817",
   "rootUrl": "https://fitness.googleapis.com/",
   "schemas": {
     "AggregateBucket": {
diff --git a/googleapiclient/discovery_cache/documents/forms.v1.json b/googleapiclient/discovery_cache/documents/forms.v1.json
index e2b5623ccb8..ad85cd4ce46 100644
--- a/googleapiclient/discovery_cache/documents/forms.v1.json
+++ b/googleapiclient/discovery_cache/documents/forms.v1.json
@@ -423,7 +423,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220818",
   "rootUrl": "https://forms.googleapis.com/",
   "schemas": {
     "Answer": {
diff --git a/googleapiclient/discovery_cache/documents/gameservices.v1.json b/googleapiclient/discovery_cache/documents/gameservices.v1.json
index bb2aa338430..697fa328835 100644
--- a/googleapiclient/discovery_cache/documents/gameservices.v1.json
+++ b/googleapiclient/discovery_cache/documents/gameservices.v1.json
@@ -401,7 +401,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220811",
   "rootUrl": "https://gameservices.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/gameservices.v1beta.json b/googleapiclient/discovery_cache/documents/gameservices.v1beta.json
index 44c9219ee71..4ef61fc1670 100644
--- a/googleapiclient/discovery_cache/documents/gameservices.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/gameservices.v1beta.json
@@ -401,7 +401,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220818",
   "rootUrl": "https://gameservices.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/genomics.v2alpha1.json b/googleapiclient/discovery_cache/documents/genomics.v2alpha1.json
index 6732531dc1c..3e6b88dbe65 100644
--- a/googleapiclient/discovery_cache/documents/genomics.v2alpha1.json
+++ b/googleapiclient/discovery_cache/documents/genomics.v2alpha1.json
@@ -301,7 +301,7 @@
       }
     }
   },
-  "revision": "20220801",
+  "revision": "20220813",
   "rootUrl": "https://genomics.googleapis.com/",
   "schemas": {
     "Accelerator": {
diff --git a/googleapiclient/discovery_cache/documents/gkebackup.v1.json b/googleapiclient/discovery_cache/documents/gkebackup.v1.json
index f49b71aa899..a8e812f0cbf 100644
--- a/googleapiclient/discovery_cache/documents/gkebackup.v1.json
+++ b/googleapiclient/discovery_cache/documents/gkebackup.v1.json
@@ -1688,7 +1688,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220811",
   "rootUrl": "https://gkebackup.googleapis.com/",
   "schemas": {
     "AuditConfig": {
@@ -2019,7 +2019,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1.json b/googleapiclient/discovery_cache/documents/gkehub.v1.json
index 38564f70638..1def88030c8 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1.json
@@ -905,7 +905,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://gkehub.googleapis.com/",
   "schemas": {
     "AnthosVMMembershipSpec": {
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json b/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json
index 315ba230b14..1ef76060662 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json
@@ -1151,7 +1151,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://gkehub.googleapis.com/",
   "schemas": {
     "AnthosObservabilityFeatureSpec": {
@@ -2605,14 +2605,6 @@
       "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.",
       "id": "IdentityServiceAuthMethod",
       "properties": {
-        "azureadConfig": {
-          "$ref": "IdentityServiceAzureADConfig",
-          "description": "AzureAD specific Configuration."
-        },
-        "googleConfig": {
-          "$ref": "IdentityServiceGoogleConfig",
-          "description": "GoogleConfig specific configuration"
-        },
         "name": {
           "description": "Identifier for auth config.",
           "type": "string"
@@ -2628,46 +2620,6 @@
       },
       "type": "object"
     },
-    "IdentityServiceAzureADConfig": {
-      "description": "Configuration for the AzureAD Auth flow.",
-      "id": "IdentityServiceAzureADConfig",
-      "properties": {
-        "clientId": {
-          "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider.",
-          "type": "string"
-        },
-        "clientSecret": {
-          "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.",
-          "type": "string"
-        },
-        "encryptedClientSecret": {
-          "description": "Output only. Encrypted AzureAD client secret.",
-          "format": "byte",
-          "readOnly": true,
-          "type": "string"
-        },
-        "kubectlRedirectUri": {
-          "description": "The redirect URL that kubectl uses for authorization.",
-          "type": "string"
-        },
-        "tenant": {
-          "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.",
-          "type": "string"
-        }
-      },
-      "type": "object"
-    },
-    "IdentityServiceGoogleConfig": {
-      "description": "Configuration for the Google Plugin Auth flow.",
-      "id": "IdentityServiceGoogleConfig",
-      "properties": {
-        "disable": {
-          "description": "Disable automatic configuration of Google Plugin on supported platforms.",
-          "type": "boolean"
-        }
-      },
-      "type": "object"
-    },
     "IdentityServiceMembershipSpec": {
       "description": "**Anthos Identity Service**: Configuration for a single Membership.",
       "id": "IdentityServiceMembershipSpec",
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json b/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json
index bec14dc3c25..da19a015727 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json
@@ -652,7 +652,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://gkehub.googleapis.com/",
   "schemas": {
     "ApplianceCluster": {
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1beta.json b/googleapiclient/discovery_cache/documents/gkehub.v1beta.json
index 7018225c2f3..4c2a2ce1dbd 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1beta.json
@@ -670,7 +670,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://gkehub.googleapis.com/",
   "schemas": {
     "AnthosObservabilityFeatureSpec": {
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json b/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json
index d15881cce8a..72bc69c9e79 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json
@@ -706,7 +706,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://gkehub.googleapis.com/",
   "schemas": {
     "ApplianceCluster": {
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json b/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json
index 507531ac254..0c68c24d1c7 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json
@@ -280,7 +280,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://gkehub.googleapis.com/",
   "schemas": {
     "CancelOperationRequest": {
diff --git a/googleapiclient/discovery_cache/documents/gmail.v1.json b/googleapiclient/discovery_cache/documents/gmail.v1.json
index 5464958fecf..9e5f119c97a 100644
--- a/googleapiclient/discovery_cache/documents/gmail.v1.json
+++ b/googleapiclient/discovery_cache/documents/gmail.v1.json
@@ -2682,7 +2682,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220815",
   "rootUrl": "https://gmail.googleapis.com/",
   "schemas": {
     "AutoForwarding": {
diff --git a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json
index 4e35b7266d2..42a36b02080 100644
--- a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json
+++ b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json
@@ -265,7 +265,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://gmailpostmastertools.googleapis.com/",
   "schemas": {
     "DeliveryError": {
diff --git a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json
index dad4b856e91..303a64f1428 100644
--- a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json
@@ -265,7 +265,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://gmailpostmastertools.googleapis.com/",
   "schemas": {
     "DeliveryError": {
diff --git a/googleapiclient/discovery_cache/documents/groupsmigration.v1.json b/googleapiclient/discovery_cache/documents/groupsmigration.v1.json
index d91baa57b60..1ea5029bee7 100644
--- a/googleapiclient/discovery_cache/documents/groupsmigration.v1.json
+++ b/googleapiclient/discovery_cache/documents/groupsmigration.v1.json
@@ -146,7 +146,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220811",
   "rootUrl": "https://groupsmigration.googleapis.com/",
   "schemas": {
     "Groups": {
diff --git a/googleapiclient/discovery_cache/documents/healthcare.v1.json b/googleapiclient/discovery_cache/documents/healthcare.v1.json
index 2c018bc829e..e674a68278e 100644
--- a/googleapiclient/discovery_cache/documents/healthcare.v1.json
+++ b/googleapiclient/discovery_cache/documents/healthcare.v1.json
@@ -3127,7 +3127,7 @@
                           ]
                         },
                         "executeBundle": {
-                          "description": "Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](http://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](http://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](http://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction the response body will contain a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body will contain a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).",
+                          "description": "Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction, the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method checks permissions for each request in the bundle. The `executeBundle` permission is required to call this method, but you must also grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a request to create a FHIR resource, the caller must also have been granted the `healthcare.fhirResources.create` permission. You can use audit logs to view the permissions for `executeBundle` and each request in the bundle. For more information, see [Viewing Cloud Audit logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).",
                           "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir",
                           "httpMethod": "POST",
                           "id": "healthcare.projects.locations.datasets.fhirStores.fhir.executeBundle",
@@ -4053,7 +4053,7 @@
       }
     }
   },
-  "revision": "20220727",
+  "revision": "20220810",
   "rootUrl": "https://healthcare.googleapis.com/",
   "schemas": {
     "ActivateConsentRequest": {
@@ -4267,7 +4267,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json b/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json
index 6937de3c480..c3f25cb9987 100644
--- a/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json
@@ -3887,7 +3887,7 @@
                           ]
                         },
                         "executeBundle": {
-                          "description": "Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method requires permission for executing the requests in the bundle. The `executeBundle` permission grants permission to execute the request in the bundle but you must grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a `create` request, you must have permission to execute the `create` request. Logging is available for the `executeBundle` permission. For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).",
+                          "description": "Executes all the requests in the given Bundle. Implements the FHIR standard batch/transaction interaction ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#transaction), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#transaction), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#transaction)). Supports all interactions within a bundle, except search. This method accepts Bundles of type `batch` and `transaction`, processing them according to the batch processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.1), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.1), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#brules)) and transaction processing rules ([DSTU2](https://hl7.org/implement/standards/fhir/DSTU2/http.html#2.1.0.16.2), [STU3](https://hl7.org/implement/standards/fhir/STU3/http.html#2.21.0.17.2), [R4](https://hl7.org/implement/standards/fhir/R4/http.html#trules)). The request body must contain a JSON-encoded FHIR `Bundle` resource, and the request headers must contain `Content-Type: application/fhir+json`. For a batch bundle or a successful transaction, the response body contains a JSON-encoded representation of a `Bundle` resource of type `batch-response` or `transaction-response` containing one entry for each entry in the request, with the outcome of processing the entry. In the case of an error for a transaction bundle, the response body contains a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. This method checks permissions for each request in the bundle. The `executeBundle` permission is required to call this method, but you must also grant sufficient permissions to execute the individual requests in the bundle. For example, if the bundle contains a request to create a FHIR resource, the caller must also have been granted the `healthcare.fhirResources.create` permission. You can use audit logs to view the permissions for `executeBundle` and each request in the bundle. For more information, see [Viewing Cloud Audit logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). For samples that show how to call `executeBundle`, see [Managing FHIR resources using FHIR bundles](/healthcare/docs/how-tos/fhir-bundles).",
                           "flatPath": "v1beta1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir",
                           "httpMethod": "POST",
                           "id": "healthcare.projects.locations.datasets.fhirStores.fhir.executeBundle",
@@ -4865,7 +4865,7 @@
       }
     }
   },
-  "revision": "20220727",
+  "revision": "20220810",
   "rootUrl": "https://healthcare.googleapis.com/",
   "schemas": {
     "ActivateConsentRequest": {
@@ -5171,7 +5171,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/homegraph.v1.json b/googleapiclient/discovery_cache/documents/homegraph.v1.json
index 35085345ba3..fcc5b70e3a0 100644
--- a/googleapiclient/discovery_cache/documents/homegraph.v1.json
+++ b/googleapiclient/discovery_cache/documents/homegraph.v1.json
@@ -216,7 +216,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://homegraph.googleapis.com/",
   "schemas": {
     "AgentDeviceId": {
diff --git a/googleapiclient/discovery_cache/documents/iamcredentials.v1.json b/googleapiclient/discovery_cache/documents/iamcredentials.v1.json
index e349a9add1d..f98a1f07289 100644
--- a/googleapiclient/discovery_cache/documents/iamcredentials.v1.json
+++ b/googleapiclient/discovery_cache/documents/iamcredentials.v1.json
@@ -226,7 +226,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220812",
   "rootUrl": "https://iamcredentials.googleapis.com/",
   "schemas": {
     "GenerateAccessTokenRequest": {
diff --git a/googleapiclient/discovery_cache/documents/ideahub.v1alpha.json b/googleapiclient/discovery_cache/documents/ideahub.v1alpha.json
index 1cb7e86272d..7514936b115 100644
--- a/googleapiclient/discovery_cache/documents/ideahub.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/ideahub.v1alpha.json
@@ -331,7 +331,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://ideahub.googleapis.com/",
   "schemas": {
     "GoogleSearchIdeahubV1alphaAvailableLocale": {
diff --git a/googleapiclient/discovery_cache/documents/ideahub.v1beta.json b/googleapiclient/discovery_cache/documents/ideahub.v1beta.json
index 748f556e751..d4090efb246 100644
--- a/googleapiclient/discovery_cache/documents/ideahub.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/ideahub.v1beta.json
@@ -288,7 +288,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://ideahub.googleapis.com/",
   "schemas": {
     "GoogleSearchIdeahubV1betaAvailableLocale": {
diff --git a/googleapiclient/discovery_cache/documents/identitytoolkit.v1.json b/googleapiclient/discovery_cache/documents/identitytoolkit.v1.json
new file mode 100644
index 00000000000..0a077932fc8
--- /dev/null
+++ b/googleapiclient/discovery_cache/documents/identitytoolkit.v1.json
@@ -0,0 +1,3631 @@
+{
+  "auth": {
+    "oauth2": {
+      "scopes": {
+        "https://www.googleapis.com/auth/cloud-platform": {
+          "description": "See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account."
+        },
+        "https://www.googleapis.com/auth/firebase": {
+          "description": "View and administer all your Firebase data and settings"
+        }
+      }
+    }
+  },
+  "basePath": "",
+  "baseUrl": "https://identitytoolkit.googleapis.com/",
+  "batchPath": "batch",
+  "canonicalName": "Identity Toolkit",
+  "description": "The Google Identity Toolkit API lets you use open standards to verify a user's identity.",
+  "discoveryVersion": "v1",
+  "documentationLink": "https://cloud.google.com/identity-platform",
+  "fullyEncodeReservedExpansion": true,
+  "icons": {
+    "x16": "http://www.google.com/images/icons/product/search-16.gif",
+    "x32": "http://www.google.com/images/icons/product/search-32.gif"
+  },
+  "id": "identitytoolkit:v1",
+  "kind": "discovery#restDescription",
+  "mtlsRootUrl": "https://identitytoolkit.mtls.googleapis.com/",
+  "name": "identitytoolkit",
+  "ownerDomain": "google.com",
+  "ownerName": "Google",
+  "parameters": {
+    "$.xgafv": {
+      "description": "V1 error format.",
+      "enum": [
+        "1",
+        "2"
+      ],
+      "enumDescriptions": [
+        "v1 error format",
+        "v2 error format"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "access_token": {
+      "description": "OAuth access token.",
+      "location": "query",
+      "type": "string"
+    },
+    "alt": {
+      "default": "json",
+      "description": "Data format for response.",
+      "enum": [
+        "json",
+        "media",
+        "proto"
+      ],
+      "enumDescriptions": [
+        "Responses with Content-Type of application/json",
+        "Media download with context-dependent Content-Type",
+        "Responses with Content-Type of application/x-protobuf"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "callback": {
+      "description": "JSONP",
+      "location": "query",
+      "type": "string"
+    },
+    "fields": {
+      "description": "Selector specifying which fields to include in a partial response.",
+      "location": "query",
+      "type": "string"
+    },
+    "key": {
+      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
+      "location": "query",
+      "type": "string"
+    },
+    "oauth_token": {
+      "description": "OAuth 2.0 token for the current user.",
+      "location": "query",
+      "type": "string"
+    },
+    "prettyPrint": {
+      "default": "true",
+      "description": "Returns response with indentations and line breaks.",
+      "location": "query",
+      "type": "boolean"
+    },
+    "quotaUser": {
+      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
+      "location": "query",
+      "type": "string"
+    },
+    "uploadType": {
+      "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    },
+    "upload_protocol": {
+      "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    }
+  },
+  "protocol": "rest",
+  "resources": {
+    "accounts": {
+      "methods": {
+        "createAuthUri": {
+          "description": "If an email identifier is specified, checks and returns if any user account is registered with the email. If there is a registered account, fetches all providers associated with the account's email. If the provider ID of an Identity Provider (IdP) is specified, creates an authorization URI for the IdP. The user can be directed to this URI to sign in with the IdP. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:createAuthUri",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.createAuthUri",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:createAuthUri",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1CreateAuthUriRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1CreateAuthUriResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "delete": {
+          "description": "Deletes a user's account.",
+          "flatPath": "v1/accounts:delete",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.delete",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:delete",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1DeleteAccountRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1DeleteAccountResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "issueSamlResponse": {
+          "description": "Experimental",
+          "flatPath": "v1/accounts:issueSamlResponse",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.issueSamlResponse",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:issueSamlResponse",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1IssueSamlResponseRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1IssueSamlResponseResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "lookup": {
+          "description": "Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.",
+          "flatPath": "v1/accounts:lookup",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.lookup",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:lookup",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1GetAccountInfoRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1GetAccountInfoResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "resetPassword": {
+          "description": "Resets the password of an account either using an out-of-band code generated by sendOobCode or by specifying the email and password of the account to be modified. Can also check the purpose of an out-of-band code without consuming it.",
+          "flatPath": "v1/accounts:resetPassword",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.resetPassword",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:resetPassword",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1ResetPasswordRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1ResetPasswordResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "sendOobCode": {
+          "description": "Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.",
+          "flatPath": "v1/accounts:sendOobCode",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.sendOobCode",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:sendOobCode",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1GetOobCodeRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1GetOobCodeResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "sendVerificationCode": {
+          "description": "Sends a SMS verification code for phone number sign-in. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:sendVerificationCode",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.sendVerificationCode",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:sendVerificationCode",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SendVerificationCodeRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SendVerificationCodeResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "signInWithCustomToken": {
+          "description": "Signs in or signs up a user by exchanging a custom Auth token. Upon a successful sign-in or sign-up, a new Identity Platform ID token and refresh token are issued for the user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:signInWithCustomToken",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.signInWithCustomToken",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:signInWithCustomToken",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithCustomTokenRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithCustomTokenResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "signInWithEmailLink": {
+          "description": "Signs in or signs up a user with a out-of-band code from an email link. If a user does not exist with the given email address, a user record will be created. If the sign-in succeeds, an Identity Platform ID and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:signInWithEmailLink",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.signInWithEmailLink",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:signInWithEmailLink",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithEmailLinkRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithEmailLinkResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "signInWithGameCenter": {
+          "description": "Signs in or signs up a user with iOS Game Center credentials. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:signInWithGameCenter",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.signInWithGameCenter",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:signInWithGameCenter",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithGameCenterRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithGameCenterResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "signInWithIdp": {
+          "description": "Signs in or signs up a user using credentials from an Identity Provider (IdP). This is done by manually providing an IdP credential, or by providing the authorization response obtained via the authorization request from CreateAuthUri. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. A new Identity Platform user account will be created if the user has not previously signed in to the IdP with the same account. In addition, when the \"One account per email address\" setting is enabled, there should not be an existing Identity Platform user account with the same email address for a new user account to be created. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:signInWithIdp",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.signInWithIdp",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:signInWithIdp",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithIdpRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithIdpResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "signInWithPassword": {
+          "description": "Signs in a user with email and password. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:signInWithPassword",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.signInWithPassword",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:signInWithPassword",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithPasswordRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithPasswordResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "signInWithPhoneNumber": {
+          "description": "Completes a phone number authentication attempt. If a user already exists with the given phone number, an ID token is minted for that user. Otherwise, a new user is created and associated with the phone number. This method may also be used to link a phone number to an existing user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:signInWithPhoneNumber",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.signInWithPhoneNumber",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:signInWithPhoneNumber",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithPhoneNumberRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignInWithPhoneNumberResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "signUp": {
+          "description": "Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:signUp",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.signUp",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:signUp",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignUpRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignUpResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "update": {
+          "description": "Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.",
+          "flatPath": "v1/accounts:update",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.update",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:update",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SetAccountInfoRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SetAccountInfoResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "verifyIosClient": {
+          "description": "Verifies an iOS client is a real iOS device. If the request is valid, a reciept will be sent in the response and a secret will be sent via Apple Push Notification Service. The client should send both of them back to certain Identity Platform APIs in a later call (for example, /accounts:sendVerificationCode), in order to verify the client. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/accounts:verifyIosClient",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.accounts.verifyIosClient",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/accounts:verifyIosClient",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1VerifyIosClientRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1VerifyIosClientResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        }
+      }
+    },
+    "projects": {
+      "methods": {
+        "accounts": {
+          "description": "Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+          "flatPath": "v1/projects/{projectsId}/accounts",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.projects.accounts",
+          "parameterOrder": [
+            "targetProjectId"
+          ],
+          "parameters": {
+            "targetProjectId": {
+              "description": "The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). If this is not set, the target project is inferred from the scope associated to the Bearer access token.",
+              "location": "path",
+              "pattern": "^[^/]+$",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "v1/projects/{+targetProjectId}/accounts",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignUpRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SignUpResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "createSessionCookie": {
+          "description": "Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.",
+          "flatPath": "v1/projects/{projectsId}:createSessionCookie",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.projects.createSessionCookie",
+          "parameterOrder": [
+            "targetProjectId"
+          ],
+          "parameters": {
+            "targetProjectId": {
+              "description": "The ID of the project that the account belongs to.",
+              "location": "path",
+              "pattern": "^[^/]+$",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "v1/projects/{+targetProjectId}:createSessionCookie",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1CreateSessionCookieRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1CreateSessionCookieResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "queryAccounts": {
+          "description": "Looks up user accounts within a project or a tenant based on conditions in the request.",
+          "flatPath": "v1/projects/{projectsId}:queryAccounts",
+          "httpMethod": "POST",
+          "id": "identitytoolkit.projects.queryAccounts",
+          "parameterOrder": [
+            "targetProjectId"
+          ],
+          "parameters": {
+            "targetProjectId": {
+              "description": "The ID of the project to which the result is scoped.",
+              "location": "path",
+              "pattern": "^[^/]+$",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "v1/projects/{+targetProjectId}:queryAccounts",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitV1QueryUserInfoRequest"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1QueryUserInfoResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/firebase"
+          ]
+        }
+      },
+      "resources": {
+        "accounts": {
+          "methods": {
+            "batchCreate": {
+              "description": "Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+              "flatPath": "v1/projects/{projectsId}/accounts:batchCreate",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.accounts.batchCreate",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The Project ID of the Identity Platform project which the account belongs to.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:batchCreate",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1UploadAccountRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1UploadAccountResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "batchDelete": {
+              "description": "Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)",
+              "flatPath": "v1/projects/{projectsId}/accounts:batchDelete",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.accounts.batchDelete",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that accounts belong to.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:batchDelete",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "batchGet": {
+              "description": "Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.",
+              "flatPath": "v1/projects/{projectsId}/accounts:batchGet",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.accounts.batchGet",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "delegatedProjectNumber": {
+                  "format": "int64",
+                  "location": "query",
+                  "type": "string"
+                },
+                "maxResults": {
+                  "description": "The maximum number of results to return. Must be at least 1 and no greater than 1000. By default, it is 20.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "nextPageToken": {
+                  "description": "The pagination token from the response of a previous request.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "targetProjectId": {
+                  "description": "If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that the accounts belong to.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "tenantId": {
+                  "description": "The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.",
+                  "location": "query",
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:batchGet",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1DownloadAccountResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "delete": {
+              "description": "Deletes a user's account.",
+              "flatPath": "v1/projects/{projectsId}/accounts:delete",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.accounts.delete",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:delete",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1DeleteAccountRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1DeleteAccountResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "lookup": {
+              "description": "Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.",
+              "flatPath": "v1/projects/{projectsId}/accounts:lookup",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.accounts.lookup",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:lookup",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1GetAccountInfoRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1GetAccountInfoResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "query": {
+              "description": "Looks up user accounts within a project or a tenant based on conditions in the request.",
+              "flatPath": "v1/projects/{projectsId}/accounts:query",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.accounts.query",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The ID of the project to which the result is scoped.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:query",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1QueryUserInfoRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1QueryUserInfoResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "sendOobCode": {
+              "description": "Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.",
+              "flatPath": "v1/projects/{projectsId}/accounts:sendOobCode",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.accounts.sendOobCode",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:sendOobCode",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1GetOobCodeRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1GetOobCodeResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "update": {
+              "description": "Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.",
+              "flatPath": "v1/projects/{projectsId}/accounts:update",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.accounts.update",
+              "parameterOrder": [
+                "targetProjectId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/accounts:update",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1SetAccountInfoRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1SetAccountInfoResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            }
+          }
+        },
+        "tenants": {
+          "methods": {
+            "accounts": {
+              "description": "Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
+              "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.tenants.accounts",
+              "parameterOrder": [
+                "targetProjectId",
+                "tenantId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). If this is not set, the target project is inferred from the scope associated to the Bearer access token.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "tenantId": {
+                  "description": "The ID of the Identity Platform tenant to create a user under. If not set, the user will be created under the default Identity Platform project.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1SignUpRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1SignUpResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "createSessionCookie": {
+              "description": "Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.",
+              "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}:createSessionCookie",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.tenants.createSessionCookie",
+              "parameterOrder": [
+                "targetProjectId",
+                "tenantId"
+              ],
+              "parameters": {
+                "targetProjectId": {
+                  "description": "The ID of the project that the account belongs to.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "tenantId": {
+                  "description": "The tenant ID of the Identity Platform tenant the account belongs to.",
+                  "location": "path",
+                  "pattern": "^[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}:createSessionCookie",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV1CreateSessionCookieRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV1CreateSessionCookieResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            }
+          },
+          "resources": {
+            "accounts": {
+              "methods": {
+                "batchCreate": {
+                  "description": "Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:batchCreate",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.accounts.batchCreate",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "targetProjectId": {
+                      "description": "The Project ID of the Identity Platform project which the account belongs to.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "The ID of the Identity Platform tenant the account belongs to.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:batchCreate",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1UploadAccountRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1UploadAccountResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "batchDelete": {
+                  "description": "Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:batchDelete",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.accounts.batchDelete",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "targetProjectId": {
+                      "description": "If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that accounts belong to.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to an default Identity Platform project, the field is not needed.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:batchDelete",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "batchGet": {
+                  "description": "Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:batchGet",
+                  "httpMethod": "GET",
+                  "id": "identitytoolkit.projects.tenants.accounts.batchGet",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "delegatedProjectNumber": {
+                      "format": "int64",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "maxResults": {
+                      "description": "The maximum number of results to return. Must be at least 1 and no greater than 1000. By default, it is 20.",
+                      "format": "int32",
+                      "location": "query",
+                      "type": "integer"
+                    },
+                    "nextPageToken": {
+                      "description": "The pagination token from the response of a previous request.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "targetProjectId": {
+                      "description": "If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that the accounts belong to.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:batchGet",
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1DownloadAccountResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "delete": {
+                  "description": "Deletes a user's account.",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:delete",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.accounts.delete",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "targetProjectId": {
+                      "description": "The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "The ID of the tenant that the account belongs to, if applicable. Only require to be specified for authenticated requests bearing a Google OAuth 2.0 credential that specify local_id of an account that belongs to an Identity Platform tenant.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:delete",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1DeleteAccountRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1DeleteAccountResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "lookup": {
+                  "description": "Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:lookup",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.accounts.lookup",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "targetProjectId": {
+                      "description": "The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "The ID of the tenant that the account belongs to. Should only be specified by authenticated requests from a developer.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:lookup",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1GetAccountInfoRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1GetAccountInfoResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "query": {
+                  "description": "Looks up user accounts within a project or a tenant based on conditions in the request.",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:query",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.accounts.query",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "targetProjectId": {
+                      "description": "The ID of the project to which the result is scoped.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "The ID of the tenant to which the result is scoped.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:query",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1QueryUserInfoRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1QueryUserInfoResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "sendOobCode": {
+                  "description": "Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:sendOobCode",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.accounts.sendOobCode",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "targetProjectId": {
+                      "description": "The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "The tenant ID of the Identity Platform tenant the account belongs to.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:sendOobCode",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1GetOobCodeRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1GetOobCodeResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "update": {
+                  "description": "Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.",
+                  "flatPath": "v1/projects/{projectsId}/tenants/{tenantsId}/accounts:update",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.accounts.update",
+                  "parameterOrder": [
+                    "targetProjectId",
+                    "tenantId"
+                  ],
+                  "parameters": {
+                    "targetProjectId": {
+                      "description": "The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "tenantId": {
+                      "description": "The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field.",
+                      "location": "path",
+                      "pattern": "^[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:update",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1SetAccountInfoRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitV1SetAccountInfoResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "v1": {
+      "methods": {
+        "getProjects": {
+          "description": "Gets a project's public Identity Toolkit configuration. (Legacy) This method also supports authenticated calls from a developer to retrieve non-public configuration.",
+          "flatPath": "v1/projects",
+          "httpMethod": "GET",
+          "id": "identitytoolkit.getProjects",
+          "parameterOrder": [],
+          "parameters": {
+            "androidPackageName": {
+              "description": "Android package name to check against the real android package name. If this field is provided, and sha1_cert_hash is not provided, the action will throw an error if this does not match the real android package name.",
+              "location": "query",
+              "type": "string"
+            },
+            "clientId": {
+              "description": "The RP OAuth client ID. If set, a check will be performed to ensure that the OAuth client is valid for the retrieved project and the request rejected with a client error if not valid.",
+              "location": "query",
+              "type": "string"
+            },
+            "delegatedProjectNumber": {
+              "description": "Project Number of the delegated project request. This field should only be used as part of the Firebase V1 migration.",
+              "format": "int64",
+              "location": "query",
+              "type": "string"
+            },
+            "firebaseAppId": {
+              "description": "The Firebase app ID, for applications that use Firebase. This can be found in the Firebase console for your project. If set, a check will be performed to ensure that the app ID is valid for the retrieved project. If not valid, the request will be rejected with a client error.",
+              "location": "query",
+              "type": "string"
+            },
+            "iosBundleId": {
+              "description": "iOS bundle id to check against the real ios bundle id. If this field is provided, the action will throw an error if this does not match the real iOS bundle id.",
+              "location": "query",
+              "type": "string"
+            },
+            "projectNumber": {
+              "description": "Project number of the configuration to retrieve. This field is deprecated and should not be used by new integrations.",
+              "format": "int64",
+              "location": "query",
+              "type": "string"
+            },
+            "returnDynamicLink": {
+              "description": "Whether dynamic link should be returned.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "sha1Cert": {
+              "description": "SHA-1 Android application cert hash. If set, a check will be performed to ensure that the cert hash is valid for the retrieved project and android_package_name.",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "v1/projects",
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1GetProjectConfigResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "getPublicKeys": {
+          "description": "Retrieves public keys of the legacy Identity Toolkit token signer to enable third parties to verify the legacy ID token. For now the X509 pem cert is the only format supported.",
+          "flatPath": "v1/publicKeys",
+          "httpMethod": "GET",
+          "id": "identitytoolkit.getPublicKeys",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/publicKeys",
+          "response": {
+            "additionalProperties": {
+              "description": "Properties of the object.",
+              "type": "any"
+            },
+            "type": "object"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "getRecaptchaParams": {
+          "description": "Gets parameters needed for generating a reCAPTCHA challenge.",
+          "flatPath": "v1/recaptchaParams",
+          "httpMethod": "GET",
+          "id": "identitytoolkit.getRecaptchaParams",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/recaptchaParams",
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1GetRecaptchaParamResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "getSessionCookiePublicKeys": {
+          "description": "Retrieves the set of public keys of the session cookie JSON Web Token (JWT) signer that can be used to validate the session cookie created through createSessionCookie.",
+          "flatPath": "v1/sessionCookiePublicKeys",
+          "httpMethod": "GET",
+          "id": "identitytoolkit.getSessionCookiePublicKeys",
+          "parameterOrder": [],
+          "parameters": {},
+          "path": "v1/sessionCookiePublicKeys",
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitV1GetSessionCookiePublicKeysResponse"
+          }
+        }
+      }
+    }
+  },
+  "revision": "20220815",
+  "rootUrl": "https://identitytoolkit.googleapis.com/",
+  "schemas": {
+    "GoogleCloudIdentitytoolkitV1Argon2Parameters": {
+      "description": "The parameters for Argon2 hashing algorithm.",
+      "id": "GoogleCloudIdentitytoolkitV1Argon2Parameters",
+      "properties": {
+        "associatedData": {
+          "description": "The additional associated data, if provided, is appended to the hash value to provide an additional layer of security. A base64-encoded string if specified via JSON.",
+          "format": "byte",
+          "type": "string"
+        },
+        "hashLengthBytes": {
+          "description": "Required. The desired hash length in bytes. Minimum is 4 and maximum is 1024.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "hashType": {
+          "description": "Required. Must not be HASH_TYPE_UNSPECIFIED.",
+          "enum": [
+            "HASH_TYPE_UNSPECIFIED",
+            "ARGON2_D",
+            "ARGON2_ID",
+            "ARGON2_I"
+          ],
+          "enumDescriptions": [
+            "The hash type is not specified.",
+            "An Argon2 variant, Argon2d.",
+            "An Argon2 variant, Argonid. Recommended.",
+            "An Argon2 variant, Argon2i."
+          ],
+          "type": "string"
+        },
+        "iterations": {
+          "description": "Required. The number of iterations to perform. Minimum is 1, maximum is 16.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "memoryCostKib": {
+          "description": "Required. The memory cost in kibibytes. Maximum is 32768.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "parallelism": {
+          "description": "Required. The degree of parallelism, also called threads or lanes. Minimum is 1, maximum is 16.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "version": {
+          "description": "The version of the Argon2 algorithm. This defaults to VERSION_13 if not specified.",
+          "enum": [
+            "VERSION_UNSPECIFIED",
+            "VERSION_10",
+            "VERSION_13"
+          ],
+          "enumDescriptions": [
+            "The version is not specified.",
+            "The previous version, 0x10.",
+            "The current version, 0x13. The default value for version."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1AutoRetrievalInfo": {
+      "description": "The information required to auto-retrieve an SMS.",
+      "id": "GoogleCloudIdentitytoolkitV1AutoRetrievalInfo",
+      "properties": {
+        "appSignatureHash": {
+          "description": "The Android app's signature hash for Google Play Service's SMS Retriever API.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsRequest": {
+      "description": "Request message for BatchDeleteAccounts.",
+      "id": "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsRequest",
+      "properties": {
+        "force": {
+          "description": "Whether to force deleting accounts that are not in disabled state. If false, only disabled accounts will be deleted, and accounts that are not disabled will be added to the `errors`.",
+          "type": "boolean"
+        },
+        "localIds": {
+          "description": "Required. List of user IDs to be deleted.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "tenantId": {
+          "description": "If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to an default Identity Platform project, the field is not needed.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsResponse": {
+      "description": "Response message to BatchDeleteAccounts.",
+      "id": "GoogleCloudIdentitytoolkitV1BatchDeleteAccountsResponse",
+      "properties": {
+        "errors": {
+          "description": "Detailed error info for accounts that cannot be deleted.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1BatchDeleteErrorInfo"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1BatchDeleteErrorInfo": {
+      "description": "Error info for account failed to be deleted.",
+      "id": "GoogleCloudIdentitytoolkitV1BatchDeleteErrorInfo",
+      "properties": {
+        "index": {
+          "description": "The index of the errored item in the original local_ids field.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "localId": {
+          "description": "The corresponding user ID.",
+          "type": "string"
+        },
+        "message": {
+          "description": "Detailed error message.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1CreateAuthUriRequest": {
+      "description": "Request message for CreateAuthUri.",
+      "id": "GoogleCloudIdentitytoolkitV1CreateAuthUriRequest",
+      "properties": {
+        "appId": {
+          "type": "string"
+        },
+        "authFlowType": {
+          "description": "Used for the Google provider. The type of the authentication flow to be used. If present, this should be `CODE_FLOW` to specify the authorization code flow. Otherwise, the default ID Token flow will be used.",
+          "type": "string"
+        },
+        "context": {
+          "description": "An opaque string used to maintain contextual information between the authentication request and the callback from the IdP.",
+          "type": "string"
+        },
+        "continueUri": {
+          "description": "A valid URL for the IdP to redirect the user back to. The URL cannot contain fragments or the reserved `state` query parameter.",
+          "type": "string"
+        },
+        "customParameter": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Additional customized query parameters to be added to the authorization URI. The following parameters are reserved and cannot be added: `client_id`, `response_type`, `scope`, `redirect_uri`, `state`. For the Microsoft provider, the Azure AD tenant to sign-in to can be specified in the `tenant` custom parameter.",
+          "type": "object"
+        },
+        "hostedDomain": {
+          "description": "Used for the Google provider. The G Suite hosted domain of the user in order to restrict sign-in to users at that domain.",
+          "type": "string"
+        },
+        "identifier": {
+          "description": "The email identifier of the user account to fetch associated providers for. At least one of the fields `identifier` and `provider_id` must be set. The length of the email address should be less than 256 characters and in the format of `name@domain.tld`. The email address should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.",
+          "type": "string"
+        },
+        "oauthConsumerKey": {
+          "type": "string"
+        },
+        "oauthScope": {
+          "description": "Additional space-delimited OAuth 2.0 scopes specifying the scope of the authentication request with the IdP. Used for OAuth 2.0 IdPs. For the Google provider, the authorization code flow will be used if this field is set.",
+          "type": "string"
+        },
+        "openidRealm": {
+          "type": "string"
+        },
+        "otaApp": {
+          "type": "string"
+        },
+        "providerId": {
+          "description": "The provider ID of the IdP for the user to sign in with. This should be a provider ID enabled for sign-in, which is either from the list of [default supported IdPs](https://cloud.google.com/identity-platform/docs/reference/rest/v2/defaultSupportedIdps/list), or of the format `oidc.*` or `saml.*`. Some examples are `google.com`, `facebook.com`, `oidc.testapp`, and `saml.testapp`. At least one of the fields `identifier` and `provider_id` must be set.",
+          "type": "string"
+        },
+        "sessionId": {
+          "description": "A session ID that can be verified against in SignInWithIdp to prevent session fixation attacks. If absent, a random string will be generated and returned as the session ID.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant to create an authorization URI or lookup an email identifier for. If not set, the operation will be performed in the default Identity Platform instance in the project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1CreateAuthUriResponse": {
+      "description": "Response message for CreateAuthUri.",
+      "id": "GoogleCloudIdentitytoolkitV1CreateAuthUriResponse",
+      "properties": {
+        "allProviders": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "authUri": {
+          "description": "The authorization URI for the requested provider. Present only when a provider ID is set in the request.",
+          "type": "string"
+        },
+        "captchaRequired": {
+          "description": "Whether a CAPTCHA is needed because there have been too many failed login attempts by the user. Present only when a registered email identifier is set in the request.",
+          "type": "boolean"
+        },
+        "forExistingProvider": {
+          "description": "Whether the user has previously signed in with the provider ID in the request. Present only when a registered email identifier is set in the request.",
+          "type": "boolean"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "providerId": {
+          "description": "The provider ID from the request, if provided.",
+          "type": "string"
+        },
+        "registered": {
+          "description": "Whether the email identifier represents an existing account. Present only when an email identifier is set in the request.",
+          "type": "boolean"
+        },
+        "sessionId": {
+          "description": "The session ID from the request, or a random string generated by CreateAuthUri if absent. It is used to prevent session fixation attacks.",
+          "type": "string"
+        },
+        "signinMethods": {
+          "description": "The list of sign-in methods that the user has previously used. Each element is one of `password`, `emailLink`, or the provider ID of an IdP. Present only when a registered email identifier is set in the request.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1CreateSessionCookieRequest": {
+      "description": "Request message for CreateSessionCookie.",
+      "id": "GoogleCloudIdentitytoolkitV1CreateSessionCookieRequest",
+      "properties": {
+        "idToken": {
+          "description": "Required. A valid Identity Platform ID token.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The tenant ID of the Identity Platform tenant the account belongs to.",
+          "type": "string"
+        },
+        "validDuration": {
+          "description": "The number of seconds until the session cookie expires. Specify a duration in seconds, between five minutes and fourteen days, inclusively.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1CreateSessionCookieResponse": {
+      "description": "Response message for CreateSessionCookie.",
+      "id": "GoogleCloudIdentitytoolkitV1CreateSessionCookieResponse",
+      "properties": {
+        "sessionCookie": {
+          "description": "The session cookie that has been created from the Identity Platform ID token specified in the request. It is in the form of a JSON Web Token (JWT). Always present.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1DeleteAccountRequest": {
+      "description": "Request message for DeleteAccount.",
+      "id": "GoogleCloudIdentitytoolkitV1DeleteAccountRequest",
+      "properties": {
+        "delegatedProjectNumber": {
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "The Identity Platform ID token of the account to delete. Require to be specified for requests from end users that lack Google OAuth 2.0 credential. Authenticated requests bearing a Google OAuth2 credential with proper permissions may pass local_id to specify the account to delete alternatively.",
+          "type": "string"
+        },
+        "localId": {
+          "description": "The ID of user account to delete. Specifying this field requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). Requests from users lacking the credential should pass an ID token instead.",
+          "type": "string"
+        },
+        "targetProjectId": {
+          "description": "The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the tenant that the account belongs to, if applicable. Only require to be specified for authenticated requests bearing a Google OAuth 2.0 credential that specify local_id of an account that belongs to an Identity Platform tenant.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1DeleteAccountResponse": {
+      "description": "Response message for DeleteAccount.",
+      "id": "GoogleCloudIdentitytoolkitV1DeleteAccountResponse",
+      "properties": {
+        "kind": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1DownloadAccountResponse": {
+      "description": "Response message for DownloadAccount.",
+      "id": "GoogleCloudIdentitytoolkitV1DownloadAccountResponse",
+      "properties": {
+        "kind": {
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "If there are more accounts to be downloaded, a token that can be passed back to DownloadAccount to get more accounts. Otherwise, this is blank.",
+          "type": "string"
+        },
+        "users": {
+          "description": "All accounts belonging to the project/tenant limited by max_results in the request.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1UserInfo"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1EmailTemplate": {
+      "description": "Email template",
+      "id": "GoogleCloudIdentitytoolkitV1EmailTemplate",
+      "properties": {
+        "body": {
+          "description": "Email body",
+          "type": "string"
+        },
+        "customized": {
+          "description": "Whether the body or subject of the email is customized.",
+          "type": "boolean"
+        },
+        "disabled": {
+          "description": "Whether the template is disabled. If true, a default template will be used.",
+          "type": "boolean"
+        },
+        "format": {
+          "description": "Email body format",
+          "enum": [
+            "EMAIL_BODY_FORMAT_UNSPECIFIED",
+            "PLAINTEXT",
+            "HTML"
+          ],
+          "enumDescriptions": [
+            "Default value. Do not use.",
+            "Email body is in plain text format.",
+            "Email body is in HTML format."
+          ],
+          "type": "string"
+        },
+        "from": {
+          "description": "From address of the email",
+          "type": "string"
+        },
+        "fromDisplayName": {
+          "description": "From display name",
+          "type": "string"
+        },
+        "fromLocalPart": {
+          "description": "Local part of From address",
+          "type": "string"
+        },
+        "locale": {
+          "description": "Value is in III language code format (e.g. \"zh-CN\", \"es\"). Both '-' and '_' separators are accepted.",
+          "type": "string"
+        },
+        "replyTo": {
+          "description": "Reply-to address",
+          "type": "string"
+        },
+        "subject": {
+          "description": "Subject of the email",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1ErrorInfo": {
+      "description": "Error information explaining why an account cannot be uploaded. batch upload.",
+      "id": "GoogleCloudIdentitytoolkitV1ErrorInfo",
+      "properties": {
+        "index": {
+          "description": "The index of the item, range is [0, request.size - 1]",
+          "format": "int32",
+          "type": "integer"
+        },
+        "message": {
+          "description": "Detailed error message",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1FederatedUserIdentifier": {
+      "description": "Federated user identifier at an Identity Provider.",
+      "id": "GoogleCloudIdentitytoolkitV1FederatedUserIdentifier",
+      "properties": {
+        "providerId": {
+          "description": "The ID of supported identity providers. This should be a provider ID enabled for sign-in, which is either from the list of [default supported IdPs](https://cloud.google.com/identity-platform/docs/reference/rest/v2/defaultSupportedIdps/list), or of the format `oidc.*` or `saml.*`. Some examples are `google.com`, `facebook.com`, `oidc.testapp`, and `saml.testapp`.",
+          "type": "string"
+        },
+        "rawId": {
+          "description": "The user ID of the account at the third-party Identity Provider specified by `provider_id`.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1GetAccountInfoRequest": {
+      "description": "Request message for GetAccountInfo.",
+      "id": "GoogleCloudIdentitytoolkitV1GetAccountInfoRequest",
+      "properties": {
+        "delegatedProjectNumber": {
+          "format": "int64",
+          "type": "string"
+        },
+        "email": {
+          "description": "The email address of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "federatedUserId": {
+          "description": "The federated user identifier of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1FederatedUserIdentifier"
+          },
+          "type": "array"
+        },
+        "idToken": {
+          "description": "The Identity Platform ID token of the account to fetch. Require to be specified for requests from end users.",
+          "type": "string"
+        },
+        "initialEmail": {
+          "description": "The initial email of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "localId": {
+          "description": "The ID of one or more accounts to fetch. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "phoneNumber": {
+          "description": "The phone number of one or more accounts to fetch. Should only be specified by authenticated requests from a developer and should be in E.164 format, for example, +15555555555.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetProjectId": {
+          "description": "The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the tenant that the account belongs to. Should only be specified by authenticated requests from a developer.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1GetAccountInfoResponse": {
+      "description": "Response message for GetAccountInfo.",
+      "id": "GoogleCloudIdentitytoolkitV1GetAccountInfoResponse",
+      "properties": {
+        "kind": {
+          "type": "string"
+        },
+        "users": {
+          "description": "The information of specific user account(s) matching the parameters in the request.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1UserInfo"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1GetOobCodeRequest": {
+      "description": "Request message for GetOobCode.",
+      "id": "GoogleCloudIdentitytoolkitV1GetOobCodeRequest",
+      "properties": {
+        "androidInstallApp": {
+          "description": "If an associated android app can handle the OOB code, whether or not to install the android app on the device where the link is opened if the app is not already installed.",
+          "type": "boolean"
+        },
+        "androidMinimumVersion": {
+          "description": "If an associated android app can handle the OOB code, the minimum version of the app. If the version on the device is lower than this version then the user is taken to Google Play Store to upgrade the app.",
+          "type": "string"
+        },
+        "androidPackageName": {
+          "description": "If an associated android app can handle the OOB code, the Android package name of the android app that will handle the callback when this OOB code is used. This will allow the correct app to open if it is already installed, or allow Google Play Store to open to the correct app if it is not yet installed.",
+          "type": "string"
+        },
+        "canHandleCodeInApp": {
+          "description": "When set to true, the OOB code link will be be sent as a Universal Link or an Android App Link and will be opened by the corresponding app if installed. If not set, or set to false, the OOB code will be sent to the web widget first and then on continue will redirect to the app if installed.",
+          "type": "boolean"
+        },
+        "captchaResp": {
+          "description": "For a PASSWORD_RESET request, a reCaptcha response is required when the system detects possible abuse activity. In those cases, this is the response from the reCaptcha challenge used to verify the caller.",
+          "type": "string"
+        },
+        "challenge": {
+          "type": "string"
+        },
+        "continueUrl": {
+          "description": "The Url to continue after user clicks the link sent in email. This is the url that will allow the web widget to handle the OOB code.",
+          "type": "string"
+        },
+        "dynamicLinkDomain": {
+          "description": "In order to ensure that the url used can be easily opened up in iOS or android, we create a [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links). Most Identity Platform projects will only have one Dynamic Link domain enabled, and can leave this field blank. This field contains a specified Dynamic Link domain for projects that have multiple enabled.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The account's email address to send the OOB code to, and generally the email address of the account that needs to be updated. Required for PASSWORD_RESET, EMAIL_SIGNIN, and VERIFY_EMAIL. Only required for VERIFY_AND_CHANGE_EMAIL requests when return_oob_link is set to true. In this case, it is the original email of the user.",
+          "type": "string"
+        },
+        "iOSAppStoreId": {
+          "description": "If an associated iOS app can handle the OOB code, the App Store id of this app. This will allow App Store to open to the correct app if the app is not yet installed.",
+          "type": "string"
+        },
+        "iOSBundleId": {
+          "description": "If an associated iOS app can handle the OOB code, the iOS bundle id of this app. This will allow the correct app to open if it is already installed.",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An ID token for the account. It is required for VERIFY_AND_CHANGE_EMAIL and VERIFY_EMAIL requests unless return_oob_link is set to true.",
+          "type": "string"
+        },
+        "newEmail": {
+          "description": "The email address the account is being updated to. Required only for VERIFY_AND_CHANGE_EMAIL requests.",
+          "type": "string"
+        },
+        "requestType": {
+          "description": "Required. The type of out-of-band (OOB) code to send. Depending on this value, other fields in this request will be required and/or have different meanings. There are 4 different OOB codes that can be sent: * PASSWORD_RESET * EMAIL_SIGNIN * VERIFY_EMAIL * VERIFY_AND_CHANGE_EMAIL",
+          "enum": [
+            "OOB_REQ_TYPE_UNSPECIFIED",
+            "PASSWORD_RESET",
+            "OLD_EMAIL_AGREE",
+            "NEW_EMAIL_ACCEPT",
+            "VERIFY_EMAIL",
+            "RECOVER_EMAIL",
+            "EMAIL_SIGNIN",
+            "VERIFY_AND_CHANGE_EMAIL",
+            "REVERT_SECOND_FACTOR_ADDITION"
+          ],
+          "enumDescriptions": [
+            "Oob code type is not specified.",
+            "reset password",
+            "",
+            "",
+            "verify the account's email address by sending an email",
+            "",
+            "sign in with email only",
+            "This flow sends an email to the specified new email, and when applied by clicking the link in the email changes the account's email to the new email. Used when the account must have verified email at all times, such as MFA accounts.",
+            ""
+          ],
+          "type": "string"
+        },
+        "returnOobLink": {
+          "description": "Whether the confirmation link containing the OOB code should be returned in the response (no email is sent). Used when a developer wants to construct the email template and send it on their own. By default this is false; to specify this field, and to set it to true, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control)",
+          "type": "boolean"
+        },
+        "targetProjectId": {
+          "description": "The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The tenant ID of the Identity Platform tenant the account belongs to.",
+          "type": "string"
+        },
+        "userIp": {
+          "description": "The IP address of the caller. Required only for PASSWORD_RESET requests.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1GetOobCodeResponse": {
+      "description": "Response message for GetOobCode.",
+      "id": "GoogleCloudIdentitytoolkitV1GetOobCodeResponse",
+      "properties": {
+        "email": {
+          "description": "If return_oob_link is false in the request, the email address the verification was sent to.",
+          "type": "string"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "oobCode": {
+          "description": "If return_oob_link is true in the request, the OOB code to send.",
+          "type": "string"
+        },
+        "oobLink": {
+          "description": "If return_oob_link is true in the request, the OOB link to be sent to the user. This returns the constructed link including [Firebase Dynamic Link](https://firebase.google.com/docs/dynamic-links) related parameters.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1GetProjectConfigResponse": {
+      "description": "Response message for GetProjectConfig.",
+      "id": "GoogleCloudIdentitytoolkitV1GetProjectConfigResponse",
+      "properties": {
+        "allowPasswordUser": {
+          "description": "Whether to allow password account sign up. This field is only returned for authenticated calls from a developer.",
+          "type": "boolean"
+        },
+        "apiKey": {
+          "description": "Google Cloud API key. This field is only returned for authenticated calls from a developer.",
+          "type": "string"
+        },
+        "authorizedDomains": {
+          "description": "Authorized domains for widget redirect.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "changeEmailTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitV1EmailTemplate",
+          "description": "Email template for change email. This field is only returned for authenticated calls from a developer."
+        },
+        "dynamicLinksDomain": {
+          "description": "The Firebase Dynamic Links domain used to construct links for redirects to native apps.",
+          "type": "string"
+        },
+        "enableAnonymousUser": {
+          "description": "Whether anonymous user is enabled. This field is only returned for authenticated calls from a developer.",
+          "type": "boolean"
+        },
+        "idpConfig": {
+          "description": "OAuth2 provider config. This field is only returned for authenticated calls from a developer.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1IdpConfig"
+          },
+          "type": "array"
+        },
+        "legacyResetPasswordTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitV1EmailTemplate",
+          "description": "Reset password email template for legacy Firebase V1 app. This field is only returned for authenticated calls from a developer."
+        },
+        "projectId": {
+          "description": "The project id of the retrieved configuration.",
+          "type": "string"
+        },
+        "resetPasswordTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitV1EmailTemplate",
+          "description": "Email template for reset password. This field is only returned for authenticated calls from a developer."
+        },
+        "revertSecondFactorAdditionTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitV1EmailTemplate",
+          "description": "Email template for reverting second factor additions. This field is only returned for authenticated calls from a developer."
+        },
+        "useEmailSending": {
+          "description": "Whether to use email sending. This field is only returned for authenticated calls from a developer.",
+          "type": "boolean"
+        },
+        "verifyEmailTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitV1EmailTemplate",
+          "description": "Email template for verify email. This field is only returned for authenticated calls from a developer."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1GetRecaptchaParamResponse": {
+      "description": "Response message for GetRecaptchaParam.",
+      "id": "GoogleCloudIdentitytoolkitV1GetRecaptchaParamResponse",
+      "properties": {
+        "kind": {
+          "type": "string"
+        },
+        "recaptchaSiteKey": {
+          "description": "The reCAPTCHA v2 site key used to invoke the reCAPTCHA service. Always present.",
+          "type": "string"
+        },
+        "recaptchaStoken": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1GetSessionCookiePublicKeysResponse": {
+      "description": "Response message for GetSessionCookiePublicKeys.",
+      "id": "GoogleCloudIdentitytoolkitV1GetSessionCookiePublicKeysResponse",
+      "properties": {
+        "keys": {
+          "description": "Public keys of the session cookie signer, formatted as [JSON Web Keys (JWK)](https://tools.ietf.org/html/rfc7517).",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1OpenIdConnectKey"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1IdpConfig": {
+      "description": "Config of an identity provider.",
+      "id": "GoogleCloudIdentitytoolkitV1IdpConfig",
+      "properties": {
+        "clientId": {
+          "description": "OAuth2 client ID.",
+          "type": "string"
+        },
+        "enabled": {
+          "description": "True if allows the user to sign in with the provider.",
+          "type": "boolean"
+        },
+        "experimentPercent": {
+          "description": "Percent of users who will be prompted/redirected federated login for this IdP",
+          "format": "int32",
+          "type": "integer"
+        },
+        "provider": {
+          "description": "Name of the identity provider.",
+          "enum": [
+            "PROVIDER_UNSPECIFIED",
+            "MSLIVE",
+            "GOOGLE",
+            "FACEBOOK",
+            "PAYPAL",
+            "TWITTER",
+            "YAHOO",
+            "AOL",
+            "GITHUB",
+            "GOOGLE_PLAY_GAMES",
+            "LINKEDIN",
+            "IOS_GAME_CENTER"
+          ],
+          "enumDescriptions": [
+            "",
+            "Microsoft Live as identity provider.",
+            "Google as identity provider.",
+            "Facebook as identity provider.",
+            "PayPal as identity provider.",
+            "Twitter as identity provider.",
+            "Yahoo as identity provider.",
+            "AOL as identity provider.",
+            "GitHub as identity provider.",
+            "Google Play Games as identity provider.",
+            "LinkedIn as identity provider.",
+            "iOS Game Center as identity provider."
+          ],
+          "type": "string"
+        },
+        "secret": {
+          "description": "OAuth2 client secret.",
+          "type": "string"
+        },
+        "whitelistedAudiences": {
+          "description": "Whitelisted client IDs for audience check.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1IssueSamlResponseRequest": {
+      "description": "Request message for IssueSamlResponse.",
+      "id": "GoogleCloudIdentitytoolkitV1IssueSamlResponseRequest",
+      "properties": {
+        "idToken": {
+          "description": "The Identity Platform ID token. It will be verified and then converted to a new SAMLResponse.",
+          "type": "string"
+        },
+        "rpId": {
+          "description": "Relying Party identifier, which is the audience of issued SAMLResponse.",
+          "type": "string"
+        },
+        "samlAppEntityId": {
+          "description": "SAML app entity id specified in Google Admin Console for each app. If developers want to redirect to a third-party app rather than a G Suite app, they'll probably they need this. When it's used, we'll return a RelayState. This includes a SAMLRequest, which can be used to trigger a SP-initiated SAML flow to redirect to the real app.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1IssueSamlResponseResponse": {
+      "description": "Response for IssueSamlResponse request.",
+      "id": "GoogleCloudIdentitytoolkitV1IssueSamlResponseResponse",
+      "properties": {
+        "acsEndpoint": {
+          "description": "The ACS endpoint which consumes the returned SAMLResponse.",
+          "type": "string"
+        },
+        "email": {
+          "description": "Email of the user.",
+          "type": "string"
+        },
+        "firstName": {
+          "description": "First name of the user.",
+          "type": "string"
+        },
+        "isNewUser": {
+          "description": "Whether the logged in user was created by this request.",
+          "type": "boolean"
+        },
+        "lastName": {
+          "description": "Last name of the user.",
+          "type": "string"
+        },
+        "relayState": {
+          "description": "Generated RelayState.",
+          "type": "string"
+        },
+        "samlResponse": {
+          "description": "Signed SAMLResponse created for the Relying Party.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1MfaEnrollment": {
+      "description": "Information on which multi-factor authentication (MFA) providers are enabled for an account.",
+      "id": "GoogleCloudIdentitytoolkitV1MfaEnrollment",
+      "properties": {
+        "displayName": {
+          "description": "Display name for this mfa option e.g. \"corp cell phone\".",
+          "type": "string"
+        },
+        "enrolledAt": {
+          "description": "Timestamp when the account enrolled this second factor.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "mfaEnrollmentId": {
+          "description": "ID of this MFA option.",
+          "type": "string"
+        },
+        "phoneInfo": {
+          "description": "Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.",
+          "type": "string"
+        },
+        "unobfuscatedPhoneInfo": {
+          "description": "Output only. Unobfuscated phone_info.",
+          "readOnly": true,
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1MfaFactor": {
+      "id": "GoogleCloudIdentitytoolkitV1MfaFactor",
+      "properties": {
+        "displayName": {
+          "description": "Display name for this mfa option e.g. \"corp cell phone\".",
+          "type": "string"
+        },
+        "phoneInfo": {
+          "description": "Phone number to receive OTP for MFA.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1MfaInfo": {
+      "description": "Multi-factor authentication related information.",
+      "id": "GoogleCloudIdentitytoolkitV1MfaInfo",
+      "properties": {
+        "enrollments": {
+          "description": "The second factors the user has enrolled.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1MfaEnrollment"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1OpenIdConnectKey": {
+      "description": "Represents a public key of the session cookie signer, formatted as a [JSON Web Key (JWK)](https://tools.ietf.org/html/rfc7517).",
+      "id": "GoogleCloudIdentitytoolkitV1OpenIdConnectKey",
+      "properties": {
+        "alg": {
+          "description": "Signature algorithm.",
+          "type": "string"
+        },
+        "e": {
+          "description": "Exponent for the RSA public key, it is represented as the base64url encoding of the value's big endian representation.",
+          "type": "string"
+        },
+        "kid": {
+          "description": "Unique string to identify this key.",
+          "type": "string"
+        },
+        "kty": {
+          "description": "Key type.",
+          "type": "string"
+        },
+        "n": {
+          "description": "Modulus for the RSA public key, it is represented as the base64url encoding of the value's big endian representation.",
+          "type": "string"
+        },
+        "use": {
+          "description": "Key use.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1ProviderUserInfo": {
+      "description": "Information about the user as provided by various Identity Providers.",
+      "id": "GoogleCloudIdentitytoolkitV1ProviderUserInfo",
+      "properties": {
+        "displayName": {
+          "description": "The user's display name at the Identity Provider.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The user's email address at the Identity Provider.",
+          "type": "string"
+        },
+        "federatedId": {
+          "description": "The user's identifier at the Identity Provider.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "The user's phone number at the Identity Provider.",
+          "type": "string"
+        },
+        "photoUrl": {
+          "description": "The user's profile photo URL at the Identity Provider.",
+          "type": "string"
+        },
+        "providerId": {
+          "description": "The ID of the Identity Provider.",
+          "type": "string"
+        },
+        "rawId": {
+          "description": "The user's raw identifier directly returned from Identity Provider.",
+          "type": "string"
+        },
+        "screenName": {
+          "description": "The user's screen_name at Twitter or login name at GitHub.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1QueryUserInfoRequest": {
+      "description": "Request message for QueryUserInfo.",
+      "id": "GoogleCloudIdentitytoolkitV1QueryUserInfoRequest",
+      "properties": {
+        "expression": {
+          "description": "Query conditions used to filter results. If more than one is passed, only the first SqlExpression is evaluated.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1SqlExpression"
+          },
+          "type": "array"
+        },
+        "limit": {
+          "description": "The maximum number of accounts to return with an upper limit of __500__. Defaults to _500_. Only valid when `return_user_info` is set to `true`.",
+          "format": "int64",
+          "type": "string"
+        },
+        "offset": {
+          "description": "The number of accounts to skip from the beginning of matching records. Only valid when `return_user_info` is set to `true`.",
+          "format": "int64",
+          "type": "string"
+        },
+        "order": {
+          "description": "The order for sorting query result. Defaults to __ascending__ order. Only valid when `return_user_info` is set to `true`.",
+          "enum": [
+            "ORDER_UNSPECIFIED",
+            "ASC",
+            "DESC"
+          ],
+          "enumDescriptions": [
+            "Order is not specified.",
+            "Sort on ascending order.",
+            "Sort on descending order."
+          ],
+          "type": "string"
+        },
+        "returnUserInfo": {
+          "description": "If `true`, this request will return the accounts matching the query. If `false`, only the __count__ of accounts matching the query will be returned. Defaults to `true`.",
+          "type": "boolean"
+        },
+        "sortBy": {
+          "description": "The field to use for sorting user accounts. Defaults to `USER_ID`. Note: when `phone_number` is specified in `expression`, the result ignores the sorting. Only valid when `return_user_info` is set to `true`.",
+          "enum": [
+            "SORT_BY_FIELD_UNSPECIFIED",
+            "USER_ID",
+            "NAME",
+            "CREATED_AT",
+            "LAST_LOGIN_AT",
+            "USER_EMAIL"
+          ],
+          "enumDescriptions": [
+            "Sort field is not specified.",
+            "Sort result by userId.",
+            "Sort result by name.",
+            "Sort result by createdAt.",
+            "Sort result by lastLoginAt.",
+            "Sort result by userEmail."
+          ],
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the tenant to which the result is scoped.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1QueryUserInfoResponse": {
+      "description": "Response message for QueryUserInfo.",
+      "id": "GoogleCloudIdentitytoolkitV1QueryUserInfoResponse",
+      "properties": {
+        "recordsCount": {
+          "description": "If `return_user_info` in the request is true, this is the number of returned accounts in this message. Otherwise, this is the total number of accounts matching the query.",
+          "format": "int64",
+          "type": "string"
+        },
+        "userInfo": {
+          "description": "If `return_user_info` in the request is true, this is the accounts matching the query.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1UserInfo"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1ResetPasswordRequest": {
+      "description": "Request message for ResetPassword.",
+      "id": "GoogleCloudIdentitytoolkitV1ResetPasswordRequest",
+      "properties": {
+        "email": {
+          "description": "The email of the account to be modified. Specify this and the old password in order to change an account's password without using an out-of-band code.",
+          "type": "string"
+        },
+        "newPassword": {
+          "description": "The new password to be set for this account. Specifying this field will result in a change to the account and consume the out-of-band code if one was specified and it was of type PASSWORD_RESET.",
+          "type": "string"
+        },
+        "oldPassword": {
+          "description": "The current password of the account to be modified. Specify this and email to change an account's password without using an out-of-band code.",
+          "type": "string"
+        },
+        "oobCode": {
+          "description": "An out-of-band (OOB) code generated by GetOobCode request. Specify only this parameter (or only this parameter and a tenant ID) to get the out-of-band code's type in the response without mutating the account's state. Only a PASSWORD_RESET out-of-band code can be consumed via this method.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The tenant ID of the Identity Platform tenant the account belongs to.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1ResetPasswordResponse": {
+      "description": "Response message for ResetPassword.",
+      "id": "GoogleCloudIdentitytoolkitV1ResetPasswordResponse",
+      "properties": {
+        "email": {
+          "description": "The email associated with the out-of-band code that was used.",
+          "type": "string"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "mfaInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV1MfaEnrollment"
+        },
+        "newEmail": {
+          "type": "string"
+        },
+        "requestType": {
+          "enum": [
+            "OOB_REQ_TYPE_UNSPECIFIED",
+            "PASSWORD_RESET",
+            "OLD_EMAIL_AGREE",
+            "NEW_EMAIL_ACCEPT",
+            "VERIFY_EMAIL",
+            "RECOVER_EMAIL",
+            "EMAIL_SIGNIN",
+            "VERIFY_AND_CHANGE_EMAIL",
+            "REVERT_SECOND_FACTOR_ADDITION"
+          ],
+          "enumDescriptions": [
+            "Oob code type is not specified.",
+            "reset password",
+            "",
+            "",
+            "verify the account's email address by sending an email",
+            "",
+            "sign in with email only",
+            "This flow sends an email to the specified new email, and when applied by clicking the link in the email changes the account's email to the new email. Used when the account must have verified email at all times, such as MFA accounts.",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SendVerificationCodeRequest": {
+      "description": "Request message for SendVerificationCode. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator.",
+      "id": "GoogleCloudIdentitytoolkitV1SendVerificationCodeRequest",
+      "properties": {
+        "autoRetrievalInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV1AutoRetrievalInfo",
+          "description": "Android only. Used by Google Play Services to identify the app for auto-retrieval."
+        },
+        "iosReceipt": {
+          "description": "Receipt of successful iOS app token validation. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. This should come from the response of verifyIosClient. If present, the caller should also provide the `ios_secret`, as well as a bundle ID in the `x-ios-bundle-identifier` header, which must match the bundle ID from the verifyIosClient request.",
+          "type": "string"
+        },
+        "iosSecret": {
+          "description": "Secret delivered to iOS app as a push notification. Should be passed with an `ios_receipt` as well as the `x-ios-bundle-identifier` header.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "The phone number to send the verification code to in E.164 format.",
+          "type": "string"
+        },
+        "recaptchaToken": {
+          "description": "Recaptcha token for app verification. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. The recaptcha should be generated by calling getRecaptchaParams and the recaptcha token will be generated on user completion of the recaptcha challenge.",
+          "type": "string"
+        },
+        "safetyNetToken": {
+          "description": "Android only. Used to assert application identity in place of a recaptcha token. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. A SafetyNet Token can be generated via the [SafetyNet Android Attestation API](https://developer.android.com/training/safetynet/attestation.html), with the Base64 encoding of the `phone_number` field as the nonce.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "Tenant ID of the Identity Platform tenant the user is signing in to.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SendVerificationCodeResponse": {
+      "description": "Response message for SendVerificationCode.",
+      "id": "GoogleCloudIdentitytoolkitV1SendVerificationCodeResponse",
+      "properties": {
+        "sessionInfo": {
+          "description": "Encrypted session information. This can be used in signInWithPhoneNumber to authenticate the phone number.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SetAccountInfoRequest": {
+      "description": "Request message for SetAccountInfo.",
+      "id": "GoogleCloudIdentitytoolkitV1SetAccountInfoRequest",
+      "properties": {
+        "captchaChallenge": {
+          "type": "string"
+        },
+        "captchaResponse": {
+          "description": "The response from reCaptcha challenge. This is required when the system detects possible abuse activities.",
+          "type": "string"
+        },
+        "createdAt": {
+          "description": "The timestamp in milliseconds when the account was created.",
+          "format": "int64",
+          "type": "string"
+        },
+        "customAttributes": {
+          "description": "JSON formatted custom attributes to be stored in the Identity Platform ID token. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "string"
+        },
+        "delegatedProjectNumber": {
+          "format": "int64",
+          "type": "string"
+        },
+        "deleteAttribute": {
+          "description": "The account's attributes to be deleted.",
+          "items": {
+            "enum": [
+              "USER_ATTRIBUTE_NAME_UNSPECIFIED",
+              "EMAIL",
+              "DISPLAY_NAME",
+              "PROVIDER",
+              "PHOTO_URL",
+              "PASSWORD",
+              "RAW_USER_INFO"
+            ],
+            "enumDescriptions": [
+              "User attribute name is not specified.",
+              "User attribute key name is email.",
+              "User attribute key name is displayName.",
+              "User attribute key name is provider.",
+              "User attribute key name is photoURL.",
+              "User attribute key name is password.",
+              "User attribute key name is rawUserInfo."
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "deleteProvider": {
+          "description": "The Identity Providers to unlink from the user's account.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "disableUser": {
+          "description": "If true, marks the account as disabled, meaning the user will no longer be able to sign-in.",
+          "type": "boolean"
+        },
+        "displayName": {
+          "description": "The user's new display name to be updated in the account's attributes. The length of the display name must be less than or equal to 256 characters.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The user's new email to be updated in the account's attributes. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.",
+          "type": "string"
+        },
+        "emailVerified": {
+          "description": "Whether the user's email has been verified. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "boolean"
+        },
+        "idToken": {
+          "description": "A valid Identity Platform ID token. Required when attempting to change user-related information.",
+          "type": "string"
+        },
+        "instanceId": {
+          "type": "string"
+        },
+        "lastLoginAt": {
+          "description": "The timestamp in milliseconds when the account last logged in.",
+          "format": "int64",
+          "type": "string"
+        },
+        "linkProviderUserInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV1ProviderUserInfo",
+          "description": "The provider to be linked to the user's account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control)."
+        },
+        "localId": {
+          "description": "The ID of the user. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). For requests from end-users, an ID token should be passed instead.",
+          "type": "string"
+        },
+        "mfa": {
+          "$ref": "GoogleCloudIdentitytoolkitV1MfaInfo",
+          "description": "The multi-factor authentication related information to be set on the user's account. This will overwrite any previous multi-factor related information on the account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control)."
+        },
+        "oobCode": {
+          "description": "The out-of-band code to be applied on the user's account. The following out-of-band code types are supported: * VERIFY_EMAIL * RECOVER_EMAIL * REVERT_SECOND_FACTOR_ADDITION * VERIFY_AND_CHANGE_EMAIL",
+          "type": "string"
+        },
+        "password": {
+          "description": "The user's new password to be updated in the account's attributes. The password must be at least 6 characters long.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "The phone number to be updated in the account's attributes.",
+          "type": "string"
+        },
+        "photoUrl": {
+          "description": "The user's new photo URL for the account's profile photo to be updated in the account's attributes. The length of the URL must be less than or equal to 2048 characters.",
+          "type": "string"
+        },
+        "provider": {
+          "description": "The Identity Providers that the account should be associated with.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "returnSecureToken": {
+          "description": "Whether or not to return an ID and refresh token. Should always be true.",
+          "type": "boolean"
+        },
+        "targetProjectId": {
+          "description": "The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field.",
+          "type": "string"
+        },
+        "upgradeToFederatedLogin": {
+          "description": "Whether the account should be restricted to only using federated login.",
+          "type": "boolean"
+        },
+        "validSince": {
+          "description": "Specifies the minimum timestamp in seconds for an Identity Platform ID token to be considered valid.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SetAccountInfoResponse": {
+      "description": "Response message for SetAccountInfo",
+      "id": "GoogleCloudIdentitytoolkitV1SetAccountInfoResponse",
+      "properties": {
+        "displayName": {
+          "description": "The account's display name.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The account's email address.",
+          "type": "string"
+        },
+        "emailVerified": {
+          "description": "Whether the account's email has been verified.",
+          "type": "boolean"
+        },
+        "expiresIn": {
+          "description": "The number of seconds until the Identity Platform ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An Identity Platform ID token for the account. This is used for legacy user sign up.",
+          "type": "string"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "localId": {
+          "description": "The ID of the authenticated user.",
+          "type": "string"
+        },
+        "newEmail": {
+          "description": "The new email that has been set on the user's account attributes.",
+          "type": "string"
+        },
+        "passwordHash": {
+          "description": "Deprecated. No actual password hash is currently returned.",
+          "type": "string"
+        },
+        "photoUrl": {
+          "description": "The user's photo URL for the account's profile photo.",
+          "type": "string"
+        },
+        "providerUserInfo": {
+          "description": "The linked Identity Providers on the account.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1ProviderUserInfo"
+          },
+          "type": "array"
+        },
+        "refreshToken": {
+          "description": "A refresh token for the account. This is used for legacy user sign up.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithCustomTokenRequest": {
+      "description": "Request message for SignInWithCustomToken.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithCustomTokenRequest",
+      "properties": {
+        "delegatedProjectNumber": {
+          "format": "int64",
+          "type": "string"
+        },
+        "instanceId": {
+          "type": "string"
+        },
+        "returnSecureToken": {
+          "description": "Should always be true.",
+          "type": "boolean"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to. If present, the ID should match the tenant_id in the token.",
+          "type": "string"
+        },
+        "token": {
+          "description": "Required. The custom Auth token asserted by the developer. The token should be a [JSON Web Token (JWT)](https://tools.ietf.org/html/rfc7519) that includes the claims listed in the [API reference](https://cloud.google.com/identity-platform/docs/reference/rest/client/) under the \"Custom Token Claims\" section.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithCustomTokenResponse": {
+      "description": "Response message for SignInWithCustomToken.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithCustomTokenResponse",
+      "properties": {
+        "expiresIn": {
+          "description": "The number of seconds until the ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An Identity Platform ID token for the authenticated user.",
+          "type": "string"
+        },
+        "isNewUser": {
+          "description": "Whether the authenticated user was created by this request.",
+          "type": "boolean"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "An Identity Platform refresh token for the authenticated user.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithEmailLinkRequest": {
+      "description": "Request message for SignInWithEmailLink",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithEmailLinkRequest",
+      "properties": {
+        "email": {
+          "description": "Required. The email address the sign-in link was sent to. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "A valid ID token for an Identity Platform account. If passed, this request will link the email address to the user represented by this ID token and enable sign-in with email link on the account for the future.",
+          "type": "string"
+        },
+        "oobCode": {
+          "description": "Required. The out-of-band code from the email link.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithEmailLinkResponse": {
+      "description": "Response message for SignInWithEmailLink.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithEmailLinkResponse",
+      "properties": {
+        "email": {
+          "description": "The email the user signed in with. Always present in the response.",
+          "type": "string"
+        },
+        "expiresIn": {
+          "description": "The number of seconds until the ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An Identity Platform ID token for the authenticated user.",
+          "type": "string"
+        },
+        "isNewUser": {
+          "description": "Whether the authenticated user was created by this request.",
+          "type": "boolean"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "localId": {
+          "description": "The ID of the authenticated user. Always present in the response.",
+          "type": "string"
+        },
+        "mfaInfo": {
+          "description": "Info on which multi-factor authentication providers are enabled. Present if the user needs to complete the sign-in using multi-factor authentication.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1MfaEnrollment"
+          },
+          "type": "array"
+        },
+        "mfaPendingCredential": {
+          "description": "An opaque string that functions as proof that the user has successfully passed the first factor check.",
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "Refresh token for the authenticated user.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithGameCenterRequest": {
+      "description": "Request message for SignInWithGameCenter",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithGameCenterRequest",
+      "properties": {
+        "displayName": {
+          "description": "The user's Game Center display name.",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "A valid ID token for an Identity Platform account. If present, this request will link the Game Center player ID to the account represented by this ID token.",
+          "type": "string"
+        },
+        "playerId": {
+          "description": "Required. The user's Game Center player ID.",
+          "type": "string"
+        },
+        "publicKeyUrl": {
+          "description": "Required. The URL to fetch the Apple public key in order to verify the given signature is signed by Apple.",
+          "type": "string"
+        },
+        "salt": {
+          "description": "Required. A random string used to generate the given signature.",
+          "type": "string"
+        },
+        "signature": {
+          "description": "Required. The verification signature data generated by Apple.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to.",
+          "type": "string"
+        },
+        "timestamp": {
+          "description": "Required. The time when the signature was created by Apple, in milliseconds since the epoch.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithGameCenterResponse": {
+      "description": "Response message for SignInWithGameCenter",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithGameCenterResponse",
+      "properties": {
+        "displayName": {
+          "description": "Display name of the authenticated user.",
+          "type": "string"
+        },
+        "expiresIn": {
+          "description": "The number of seconds until the ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An Identity Platform ID token for the authenticated user.",
+          "type": "string"
+        },
+        "isNewUser": {
+          "description": "Whether the logged in user was created by this request.",
+          "type": "boolean"
+        },
+        "localId": {
+          "description": "The ID of the authenticated user. Always present in the response.",
+          "type": "string"
+        },
+        "playerId": {
+          "description": "The user's Game Center player ID.",
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "An Identity Platform refresh token for the authenticated user.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithIdpRequest": {
+      "description": "Request message for SignInWithIdp.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithIdpRequest",
+      "properties": {
+        "autoCreate": {
+          "type": "boolean"
+        },
+        "delegatedProjectNumber": {
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "A valid Identity Platform ID token. If passed, the user's account at the IdP will be linked to the account represented by this ID token.",
+          "type": "string"
+        },
+        "pendingIdToken": {
+          "type": "string"
+        },
+        "pendingToken": {
+          "description": "An opaque string from a previous SignInWithIdp response. If set, it can be used to repeat the sign-in operation from the previous SignInWithIdp operation.",
+          "type": "string"
+        },
+        "postBody": {
+          "description": "If the user is signing in with an authorization response obtained via a previous CreateAuthUri authorization request, this is the body of the HTTP POST callback from the IdP, if present. Otherwise, if the user is signing in with a manually provided IdP credential, this should be a URL-encoded form that contains the credential (e.g. an ID token or access token for OAuth 2.0 IdPs) and the provider ID of the IdP that issued the credential. For example, if the user is signing in to the Google provider using a Google ID token, this should be set to `id_token=[GOOGLE_ID_TOKEN]&providerId=google.com`, where `[GOOGLE_ID_TOKEN]` should be replaced with the Google ID token. If the user is signing in to the Facebook provider using a Facebook authentication token, this should be set to `id_token=[FACEBOOK_AUTHENTICATION_TOKEN]&providerId=facebook.com&nonce= [NONCE]`, where `[FACEBOOK_AUTHENTICATION_TOKEN]` should be replaced with the Facebook authentication token. Nonce is required for validating the token. The request will fail if no nonce is provided. If the user is signing in to the Facebook provider using a Facebook access token, this should be set to `access_token=[FACEBOOK_ACCESS_TOKEN]&providerId=facebook.com`, where `[FACEBOOK_ACCESS_TOKEN]` should be replaced with the Facebook access token. If the user is signing in to the Twitter provider using a Twitter OAuth 1.0 credential, this should be set to `access_token=[TWITTER_ACCESS_TOKEN]&oauth_token_secret=[TWITTER_TOKEN_SECRET]&providerId=twitter.com`, where `[TWITTER_ACCESS_TOKEN]` and `[TWITTER_TOKEN_SECRET]` should be replaced with the Twitter OAuth access token and Twitter OAuth token secret respectively.",
+          "type": "string"
+        },
+        "requestUri": {
+          "description": "Required. The URL to which the IdP redirects the user back. This can be set to `http://localhost` if the user is signing in with a manually provided IdP credential.",
+          "type": "string"
+        },
+        "returnIdpCredential": {
+          "description": "Whether or not to return OAuth credentials from the IdP on the following errors: `FEDERATED_USER_ID_ALREADY_LINKED` and `EMAIL_EXISTS`.",
+          "type": "boolean"
+        },
+        "returnRefreshToken": {
+          "description": "Whether or not to return the OAuth refresh token from the IdP, if available.",
+          "type": "boolean"
+        },
+        "returnSecureToken": {
+          "description": "Should always be true.",
+          "type": "boolean"
+        },
+        "sessionId": {
+          "description": "The session ID returned from a previous CreateAuthUri call. This field is verified against that session ID to prevent session fixation attacks. Required if the user is signing in with an authorization response from a previous CreateAuthUri authorization request.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithIdpResponse": {
+      "description": "Response message for SignInWithIdp.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithIdpResponse",
+      "properties": {
+        "context": {
+          "description": "The opaque string set in CreateAuthUri that is used to maintain contextual information between the authentication request and the callback from the IdP.",
+          "type": "string"
+        },
+        "dateOfBirth": {
+          "description": "The date of birth for the user's account at the IdP.",
+          "type": "string"
+        },
+        "displayName": {
+          "description": "The display name for the user's account at the IdP.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The email address of the user's account at the IdP.",
+          "type": "string"
+        },
+        "emailRecycled": {
+          "description": "Whether or not there is an existing Identity Platform user account with the same email address but linked to a different account at the same IdP. Only present if the \"One account per email address\" setting is enabled and the email address at the IdP is verified.",
+          "type": "boolean"
+        },
+        "emailVerified": {
+          "description": "Whether the user account's email address is verified.",
+          "type": "boolean"
+        },
+        "errorMessage": {
+          "description": "The error message returned if `return_idp_credential` is set to `true` and either the `FEDERATED_USER_ID_ALREADY_LINKED` or `EMAIL_EXISTS` error is encountered. This field's value is either `FEDERATED_USER_ID_ALREADY_LINKED` or `EMAIL_EXISTS`.",
+          "type": "string"
+        },
+        "expiresIn": {
+          "description": "The number of seconds until the Identity Platform ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "federatedId": {
+          "description": "The user's account ID at the IdP. Always present in the response.",
+          "type": "string"
+        },
+        "firstName": {
+          "description": "The first name for the user's account at the IdP.",
+          "type": "string"
+        },
+        "fullName": {
+          "description": "The full name for the user's account at the IdP.",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An Identity Platform ID token for the authenticated user.",
+          "type": "string"
+        },
+        "inputEmail": {
+          "type": "string"
+        },
+        "isNewUser": {
+          "description": "Whether or not a new Identity Platform account was created for the authenticated user.",
+          "type": "boolean"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "language": {
+          "description": "The language preference for the user's account at the IdP.",
+          "type": "string"
+        },
+        "lastName": {
+          "description": "The last name for the user's account at the IdP.",
+          "type": "string"
+        },
+        "localId": {
+          "description": "The ID of the authenticated Identity Platform user. Always present in the response.",
+          "type": "string"
+        },
+        "mfaInfo": {
+          "description": "Info on which multi-factor authentication providers are enabled for the account. Present if the user needs to complete the sign-in using multi-factor authentication.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1MfaEnrollment"
+          },
+          "type": "array"
+        },
+        "mfaPendingCredential": {
+          "description": "An opaque string that functions as proof that the user has successfully passed the first factor authentication.",
+          "type": "string"
+        },
+        "needConfirmation": {
+          "description": "Whether or not there is an existing Identity Platform user account with the same email address as the current account signed in at the IdP, and the account's email addresss is not verified at the IdP. The user will need to sign in to the existing Identity Platform account and then link the current credential from the IdP to it. Only present if the \"One account per email address\" setting is enabled.",
+          "type": "boolean"
+        },
+        "needEmail": {
+          "type": "boolean"
+        },
+        "nickName": {
+          "description": "The nickname for the user's account at the IdP.",
+          "type": "string"
+        },
+        "oauthAccessToken": {
+          "description": "The OAuth access token from the IdP, if available.",
+          "type": "string"
+        },
+        "oauthAuthorizationCode": {
+          "description": "The OAuth 2.0 authorization code, if available. Only present for the Google provider.",
+          "type": "string"
+        },
+        "oauthExpireIn": {
+          "description": "The number of seconds until the OAuth access token from the IdP expires.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "oauthIdToken": {
+          "description": "The OpenID Connect ID token from the IdP, if available.",
+          "type": "string"
+        },
+        "oauthRefreshToken": {
+          "description": "The OAuth 2.0 refresh token from the IdP, if available and `return_refresh_token` is set to `true`.",
+          "type": "string"
+        },
+        "oauthTokenSecret": {
+          "description": "The OAuth 1.0 token secret from the IdP, if available. Only present for the Twitter provider.",
+          "type": "string"
+        },
+        "originalEmail": {
+          "description": "The main (top-level) email address of the user's Identity Platform account, if different from the email address at the IdP. Only present if the \"One account per email address\" setting is enabled.",
+          "type": "string"
+        },
+        "pendingToken": {
+          "description": "An opaque string that can be used as a credential from the IdP the user is signing into. The pending token obtained here can be set in a future SignInWithIdp request to sign the same user in with the IdP again.",
+          "type": "string"
+        },
+        "photoUrl": {
+          "description": "The URL of the user's profile picture at the IdP.",
+          "type": "string"
+        },
+        "providerId": {
+          "description": "The provider ID of the IdP that the user is signing in to. Always present in the response.",
+          "type": "string"
+        },
+        "rawUserInfo": {
+          "description": "The stringified JSON response containing all the data corresponding to the user's account at the IdP.",
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "An Identity Platform refresh token for the authenticated user.",
+          "type": "string"
+        },
+        "screenName": {
+          "description": "The screen name for the user's account at the Twitter IdP or the login name for the user's account at the GitHub IdP.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The value of the `tenant_id` field in the request.",
+          "type": "string"
+        },
+        "timeZone": {
+          "description": "The time zone for the user's account at the IdP.",
+          "type": "string"
+        },
+        "verifiedProvider": {
+          "description": "A list of provider IDs that the user can sign in to in order to resolve a `need_confirmation` error. Only present if `need_confirmation` is set to `true`.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithPasswordRequest": {
+      "description": "Request message for SignInWithPassword.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithPasswordRequest",
+      "properties": {
+        "captchaChallenge": {
+          "type": "string"
+        },
+        "captchaResponse": {
+          "description": "The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for risk assessment. Required when reCAPTCHA Enterprise is enabled.",
+          "type": "string"
+        },
+        "delegatedProjectNumber": {
+          "format": "int64",
+          "type": "string"
+        },
+        "email": {
+          "description": "Required. The email the user is signing in with. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.",
+          "type": "string"
+        },
+        "idToken": {
+          "type": "string"
+        },
+        "instanceId": {
+          "type": "string"
+        },
+        "password": {
+          "description": "Required. The password the user provides to sign in to the account.",
+          "type": "string"
+        },
+        "pendingIdToken": {
+          "type": "string"
+        },
+        "returnSecureToken": {
+          "description": "Should always be true.",
+          "type": "boolean"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform instance in the project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithPasswordResponse": {
+      "description": "Response message for SignInWithPassword.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithPasswordResponse",
+      "properties": {
+        "displayName": {
+          "description": "The user's display name stored in the account's attributes.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The email of the authenticated user. Always present in the response.",
+          "type": "string"
+        },
+        "expiresIn": {
+          "description": "The number of seconds until the Identity Platform ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An Identity Platform ID token for the authenticated user.",
+          "type": "string"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "localId": {
+          "description": "The ID of the authenticated user. Always present in the response.",
+          "type": "string"
+        },
+        "mfaInfo": {
+          "description": "Info on which multi-factor authentication providers are enabled for the account. Present if the user needs to complete the sign-in using multi-factor authentication.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1MfaEnrollment"
+          },
+          "type": "array"
+        },
+        "mfaPendingCredential": {
+          "description": "An opaque string that functions as proof that the user has successfully passed the first factor authentication.",
+          "type": "string"
+        },
+        "oauthAccessToken": {
+          "description": "The OAuth2 access token.",
+          "type": "string"
+        },
+        "oauthAuthorizationCode": {
+          "type": "string"
+        },
+        "oauthExpireIn": {
+          "description": "The access token expiration time in seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "profilePicture": {
+          "description": "The user's profile picture stored in the account's attributes.",
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "An Identity Platform refresh token for the authenticated user.",
+          "type": "string"
+        },
+        "registered": {
+          "description": "Whether the email is for an existing account. Always true.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithPhoneNumberRequest": {
+      "description": "Request message for SignInWithPhoneNumber.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithPhoneNumberRequest",
+      "properties": {
+        "code": {
+          "description": "User-entered verification code from an SMS sent to the user's phone.",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "A valid ID token for an Identity Platform account. If passed, this request will link the phone number to the user represented by this ID token if the phone number is not in use, or will reauthenticate the user if the phone number is already linked to the user.",
+          "type": "string"
+        },
+        "operation": {
+          "enum": [
+            "VERIFY_OP_UNSPECIFIED",
+            "SIGN_UP_OR_IN",
+            "REAUTH",
+            "UPDATE",
+            "LINK"
+          ],
+          "enumDescriptions": [
+            "Operation is not specified.",
+            "Verify operation is to sign up/sign in.",
+            "Verify operation is to reauth.",
+            "Verify operation is to update.",
+            "Verify operation is to link."
+          ],
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "The user's phone number to sign in with. This is necessary in the case of uing a temporary proof, in which case it must match the phone number that was authenticated in the request that generated the temporary proof. This field is ignored if a session info is passed.",
+          "type": "string"
+        },
+        "sessionInfo": {
+          "description": "Encrypted session information from the response of sendVerificationCode. In the case of authenticating with an SMS code this must be specified, but in the case of using a temporary proof it can be unspecified.",
+          "type": "string"
+        },
+        "temporaryProof": {
+          "description": "A proof of the phone number verification, provided from a previous signInWithPhoneNumber request. If this is passed, the caller must also pass in the phone_number field the phone number that was verified in the previous request.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.",
+          "type": "string"
+        },
+        "verificationProof": {
+          "description": "Do not use.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignInWithPhoneNumberResponse": {
+      "description": "Response message for SignInWithPhoneNumber.",
+      "id": "GoogleCloudIdentitytoolkitV1SignInWithPhoneNumberResponse",
+      "properties": {
+        "expiresIn": {
+          "description": "The number of seconds until the ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "Identity Platform ID token for the authenticated user.",
+          "type": "string"
+        },
+        "isNewUser": {
+          "description": "Whether the authenticated user was created by this request.",
+          "type": "boolean"
+        },
+        "localId": {
+          "description": "The id of the authenticated user. Present in the case of a successful authentication. In the case when the phone could be verified but the account operation could not be performed, a temporary proof will be returned instead.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "Phone number of the authenticated user. Always present in the response.",
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "Refresh token for the authenticated user.",
+          "type": "string"
+        },
+        "temporaryProof": {
+          "description": "A proof of the phone number verification, provided if a phone authentication is successful but the user operation fails. This happens when the request tries to link a phone number to a user with an ID token or reauthenticate with an ID token but the phone number is linked to a different user.",
+          "type": "string"
+        },
+        "temporaryProofExpiresIn": {
+          "description": "The number of seconds until the temporary proof expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "verificationProof": {
+          "description": "Do not use.",
+          "type": "string"
+        },
+        "verificationProofExpiresIn": {
+          "description": "Do not use.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignUpRequest": {
+      "description": "Request message for SignUp.",
+      "id": "GoogleCloudIdentitytoolkitV1SignUpRequest",
+      "properties": {
+        "captchaChallenge": {
+          "type": "string"
+        },
+        "captchaResponse": {
+          "description": "The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for assessment. Required when reCAPTCHA enterprise is enabled.",
+          "type": "string"
+        },
+        "disabled": {
+          "description": "Whether the user will be disabled upon creation. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "boolean"
+        },
+        "displayName": {
+          "description": "The display name of the user to be created.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The email to assign to the created user. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. An anonymous user will be created if not provided.",
+          "type": "string"
+        },
+        "emailVerified": {
+          "description": "Whether the user's email is verified. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "boolean"
+        },
+        "idToken": {
+          "description": "A valid ID token for an Identity Platform user. If set, this request will link the authentication credential to the user represented by this ID token. For a non-admin request, both the `email` and `password` fields must be set. For an admin request, `local_id` must not be set.",
+          "type": "string"
+        },
+        "instanceId": {
+          "type": "string"
+        },
+        "localId": {
+          "description": "The ID of the user to create. The ID must be unique within the project that the user is being created under. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "string"
+        },
+        "mfaInfo": {
+          "description": "The multi-factor authentication providers for the user to create.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1MfaFactor"
+          },
+          "type": "array"
+        },
+        "password": {
+          "description": "The password to assign to the created user. The password must be be at least 6 characters long. If set, the `email` field must also be set.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "The phone number of the user to create. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "type": "string"
+        },
+        "photoUrl": {
+          "description": "The profile photo url of the user to create.",
+          "type": "string"
+        },
+        "targetProjectId": {
+          "description": "The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). If this is not set, the target project is inferred from the scope associated to the Bearer access token.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant to create a user under. If not set, the user will be created under the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SignUpResponse": {
+      "description": "Response message for SignUp.",
+      "id": "GoogleCloudIdentitytoolkitV1SignUpResponse",
+      "properties": {
+        "displayName": {
+          "description": "The created user's display name.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The created user's email.",
+          "type": "string"
+        },
+        "expiresIn": {
+          "description": "The number of seconds until the ID token expires.",
+          "format": "int64",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "An Identity Platform ID token for the created user. This field is only set for non-admin requests.",
+          "type": "string"
+        },
+        "kind": {
+          "type": "string"
+        },
+        "localId": {
+          "description": "The ID of the created user. Always present in the response.",
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "An Identity Platform refresh token for the created user. This field is only set for non-admin requests.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1SqlExpression": {
+      "description": "Query conditions used to filter results.",
+      "id": "GoogleCloudIdentitytoolkitV1SqlExpression",
+      "properties": {
+        "email": {
+          "description": "A case insensitive string that the account's email should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "A string that the account's phone number should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.",
+          "type": "string"
+        },
+        "userId": {
+          "description": "A string that the account's local ID should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression If more than one is specified, only the first (in that order) will be applied.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1UploadAccountRequest": {
+      "description": "Request message for UploadAccount.",
+      "id": "GoogleCloudIdentitytoolkitV1UploadAccountRequest",
+      "properties": {
+        "allowOverwrite": {
+          "description": "Whether to overwrite an existing account in Identity Platform with a matching `local_id` in the request. If true, the existing account will be overwritten. If false, an error will be returned.",
+          "type": "boolean"
+        },
+        "argon2Parameters": {
+          "$ref": "GoogleCloudIdentitytoolkitV1Argon2Parameters",
+          "description": "The parameters for Argon2 hashing algorithm."
+        },
+        "blockSize": {
+          "description": "The block size parameter used by the STANDARD_SCRYPT hashing function. This parameter, along with parallelization and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "cpuMemCost": {
+          "description": "The CPU memory cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with block_size and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "delegatedProjectNumber": {
+          "format": "int64",
+          "type": "string"
+        },
+        "dkLen": {
+          "description": "The desired key length for the STANDARD_SCRYPT hashing function. Must be at least 1.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "hashAlgorithm": {
+          "description": "Required. The hashing function used to hash the account passwords. Must be one of the following: * HMAC_SHA256 * HMAC_SHA1 * HMAC_MD5 * SCRYPT * PBKDF_SHA1 * MD5 * HMAC_SHA512 * SHA1 * BCRYPT * PBKDF2_SHA256 * SHA256 * SHA512 * STANDARD_SCRYPT * ARGON2",
+          "type": "string"
+        },
+        "memoryCost": {
+          "description": "Memory cost for hash calculation. Only required when the hashing function is SCRYPT.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "parallelization": {
+          "description": "The parallelization cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with block_size and cpu_mem_cost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "passwordHashOrder": {
+          "description": "Password and salt order when verify password.",
+          "enum": [
+            "UNSPECIFIED_ORDER",
+            "SALT_AND_PASSWORD",
+            "PASSWORD_AND_SALT"
+          ],
+          "enumDescriptions": [
+            "The order is not specified.",
+            "The order is salt first, and then password.",
+            "The order is password first, and then salt."
+          ],
+          "type": "string"
+        },
+        "rounds": {
+          "description": "The number of rounds used for hash calculation. Only required for the following hashing functions: * MD5 * SHA1 * SHA256 * SHA512 * PBKDF_SHA1 * PBKDF2_SHA256 * SCRYPT",
+          "format": "int32",
+          "type": "integer"
+        },
+        "saltSeparator": {
+          "description": "One or more bytes to be inserted between the salt and plain text password. For stronger security, this should be a single non-printable character.",
+          "format": "byte",
+          "type": "string"
+        },
+        "sanityCheck": {
+          "description": "If true, the service will do the following list of checks before an account is uploaded: * Duplicate emails * Duplicate federated IDs * Federated ID provider validation If the duplication exists within the list of accounts to be uploaded, it will prevent the entire list from being uploaded. If the email or federated ID is a duplicate of a user already within the project/tenant, the account will not be uploaded, but the rest of the accounts will be unaffected. If false, these checks will be skipped.",
+          "type": "boolean"
+        },
+        "signerKey": {
+          "description": "The signer key used to hash the password. Required for the following hashing functions: * SCRYPT, * HMAC_MD5, * HMAC_SHA1, * HMAC_SHA256, * HMAC_SHA512",
+          "format": "byte",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the account belongs to.",
+          "type": "string"
+        },
+        "users": {
+          "description": "A list of accounts to upload. `local_id` is required for each user; everything else is optional.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1UserInfo"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1UploadAccountResponse": {
+      "description": "Response message for UploadAccount.",
+      "id": "GoogleCloudIdentitytoolkitV1UploadAccountResponse",
+      "properties": {
+        "error": {
+          "description": "Detailed error info for accounts that cannot be uploaded.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1ErrorInfo"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1UserInfo": {
+      "description": "An Identity Platform account's information.",
+      "id": "GoogleCloudIdentitytoolkitV1UserInfo",
+      "properties": {
+        "createdAt": {
+          "description": "The time, in milliseconds from epoch, when the account was created.",
+          "format": "int64",
+          "type": "string"
+        },
+        "customAttributes": {
+          "description": "Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.",
+          "type": "string"
+        },
+        "customAuth": {
+          "description": "Output only. Whether this account has been authenticated using SignInWithCustomToken.",
+          "readOnly": true,
+          "type": "boolean"
+        },
+        "dateOfBirth": {
+          "description": "Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "disabled": {
+          "description": "Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.",
+          "type": "boolean"
+        },
+        "displayName": {
+          "description": "The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.",
+          "type": "string"
+        },
+        "email": {
+          "description": "The account's email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.",
+          "type": "string"
+        },
+        "emailLinkSignin": {
+          "description": "Output only. Whether the account can authenticate with email link.",
+          "readOnly": true,
+          "type": "boolean"
+        },
+        "emailVerified": {
+          "description": "Whether the account's email address has been verified.",
+          "type": "boolean"
+        },
+        "initialEmail": {
+          "description": "The first email address associated with this account. The account's initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.",
+          "type": "string"
+        },
+        "language": {
+          "description": "Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "lastLoginAt": {
+          "description": "The last time, in milliseconds from epoch, this account was logged into.",
+          "format": "int64",
+          "type": "string"
+        },
+        "lastRefreshAt": {
+          "description": "Timestamp when an ID token was last minted for this account.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "localId": {
+          "description": "Immutable. The unique ID of the account.",
+          "type": "string"
+        },
+        "mfaInfo": {
+          "description": "Information on which multi-factor authentication providers are enabled for this account.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1MfaEnrollment"
+          },
+          "type": "array"
+        },
+        "passwordHash": {
+          "description": "The account's hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
+          "format": "byte",
+          "type": "string"
+        },
+        "passwordUpdatedAt": {
+          "description": "The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account's password was last updated.",
+          "format": "double",
+          "type": "number"
+        },
+        "phoneNumber": {
+          "description": "The account's phone number.",
+          "type": "string"
+        },
+        "photoUrl": {
+          "description": "The URL of the account's profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.",
+          "type": "string"
+        },
+        "providerUserInfo": {
+          "description": "Information about the user as provided by various Identity Providers.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitV1ProviderUserInfo"
+          },
+          "type": "array"
+        },
+        "rawPassword": {
+          "description": "Input only. Plain text password used to update a account's password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user's password in plain text.",
+          "type": "string"
+        },
+        "salt": {
+          "description": "The account's password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.",
+          "format": "byte",
+          "type": "string"
+        },
+        "screenName": {
+          "description": "Output only. This account's screen name at Twitter or login name at GitHub.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "ID of the tenant this account belongs to. Only set if this account belongs to a tenant.",
+          "type": "string"
+        },
+        "timeZone": {
+          "description": "Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "validSince": {
+          "description": "Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.",
+          "format": "int64",
+          "type": "string"
+        },
+        "version": {
+          "description": "The version of the account's password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1VerifyIosClientRequest": {
+      "description": "Request message for VerifyIosClient",
+      "id": "GoogleCloudIdentitytoolkitV1VerifyIosClientRequest",
+      "properties": {
+        "appToken": {
+          "description": "A device token that the iOS client gets after registering to APNs (Apple Push Notification service).",
+          "type": "string"
+        },
+        "isSandbox": {
+          "description": "Whether the app token is in the iOS sandbox. If false, the app token is in the production environment.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV1VerifyIosClientResponse": {
+      "description": "Response message for VerifyIosClient.",
+      "id": "GoogleCloudIdentitytoolkitV1VerifyIosClientResponse",
+      "properties": {
+        "receipt": {
+          "description": "Receipt of successful app token validation.",
+          "type": "string"
+        },
+        "suggestedTimeout": {
+          "description": "Suggested time that the client should wait in seconds for delivery of the push notification.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    }
+  },
+  "servicePath": "",
+  "title": "Identity Toolkit API",
+  "version": "v1",
+  "version_module": true
+}
\ No newline at end of file
diff --git a/googleapiclient/discovery_cache/documents/identitytoolkit.v2.json b/googleapiclient/discovery_cache/documents/identitytoolkit.v2.json
new file mode 100644
index 00000000000..511ebbb4f25
--- /dev/null
+++ b/googleapiclient/discovery_cache/documents/identitytoolkit.v2.json
@@ -0,0 +1,3070 @@
+{
+  "auth": {
+    "oauth2": {
+      "scopes": {
+        "https://www.googleapis.com/auth/cloud-platform": {
+          "description": "See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account."
+        },
+        "https://www.googleapis.com/auth/firebase": {
+          "description": "View and administer all your Firebase data and settings"
+        }
+      }
+    }
+  },
+  "basePath": "",
+  "baseUrl": "https://identitytoolkit.googleapis.com/",
+  "batchPath": "batch",
+  "canonicalName": "Identity Toolkit",
+  "description": "The Google Identity Toolkit API lets you use open standards to verify a user's identity.",
+  "discoveryVersion": "v1",
+  "documentationLink": "https://cloud.google.com/identity-platform",
+  "fullyEncodeReservedExpansion": true,
+  "icons": {
+    "x16": "http://www.google.com/images/icons/product/search-16.gif",
+    "x32": "http://www.google.com/images/icons/product/search-32.gif"
+  },
+  "id": "identitytoolkit:v2",
+  "kind": "discovery#restDescription",
+  "mtlsRootUrl": "https://identitytoolkit.mtls.googleapis.com/",
+  "name": "identitytoolkit",
+  "ownerDomain": "google.com",
+  "ownerName": "Google",
+  "parameters": {
+    "$.xgafv": {
+      "description": "V1 error format.",
+      "enum": [
+        "1",
+        "2"
+      ],
+      "enumDescriptions": [
+        "v1 error format",
+        "v2 error format"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "access_token": {
+      "description": "OAuth access token.",
+      "location": "query",
+      "type": "string"
+    },
+    "alt": {
+      "default": "json",
+      "description": "Data format for response.",
+      "enum": [
+        "json",
+        "media",
+        "proto"
+      ],
+      "enumDescriptions": [
+        "Responses with Content-Type of application/json",
+        "Media download with context-dependent Content-Type",
+        "Responses with Content-Type of application/x-protobuf"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "callback": {
+      "description": "JSONP",
+      "location": "query",
+      "type": "string"
+    },
+    "fields": {
+      "description": "Selector specifying which fields to include in a partial response.",
+      "location": "query",
+      "type": "string"
+    },
+    "key": {
+      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
+      "location": "query",
+      "type": "string"
+    },
+    "oauth_token": {
+      "description": "OAuth 2.0 token for the current user.",
+      "location": "query",
+      "type": "string"
+    },
+    "prettyPrint": {
+      "default": "true",
+      "description": "Returns response with indentations and line breaks.",
+      "location": "query",
+      "type": "boolean"
+    },
+    "quotaUser": {
+      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
+      "location": "query",
+      "type": "string"
+    },
+    "uploadType": {
+      "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    },
+    "upload_protocol": {
+      "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    }
+  },
+  "protocol": "rest",
+  "resources": {
+    "accounts": {
+      "resources": {
+        "mfaEnrollment": {
+          "methods": {
+            "finalize": {
+              "description": "Finishes enrolling a second factor for the user.",
+              "flatPath": "v2/accounts/mfaEnrollment:finalize",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.accounts.mfaEnrollment.finalize",
+              "parameterOrder": [],
+              "parameters": {},
+              "path": "v2/accounts/mfaEnrollment:finalize",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaEnrollmentRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaEnrollmentResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "start": {
+              "description": "Step one of the MFA enrollment process. In SMS case, this sends an SMS verification code to the user.",
+              "flatPath": "v2/accounts/mfaEnrollment:start",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.accounts.mfaEnrollment.start",
+              "parameterOrder": [],
+              "parameters": {},
+              "path": "v2/accounts/mfaEnrollment:start",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV2StartMfaEnrollmentRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV2StartMfaEnrollmentResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "withdraw": {
+              "description": "Revokes one second factor from the enrolled second factors for an account.",
+              "flatPath": "v2/accounts/mfaEnrollment:withdraw",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.accounts.mfaEnrollment.withdraw",
+              "parameterOrder": [],
+              "parameters": {},
+              "path": "v2/accounts/mfaEnrollment:withdraw",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV2WithdrawMfaRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV2WithdrawMfaResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            }
+          }
+        },
+        "mfaSignIn": {
+          "methods": {
+            "finalize": {
+              "description": "Verifies the MFA challenge and performs sign-in",
+              "flatPath": "v2/accounts/mfaSignIn:finalize",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.accounts.mfaSignIn.finalize",
+              "parameterOrder": [],
+              "parameters": {},
+              "path": "v2/accounts/mfaSignIn:finalize",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaSignInRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaSignInResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "start": {
+              "description": "Sends the MFA challenge",
+              "flatPath": "v2/accounts/mfaSignIn:start",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.accounts.mfaSignIn.start",
+              "parameterOrder": [],
+              "parameters": {},
+              "path": "v2/accounts/mfaSignIn:start",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitV2StartMfaSignInRequest"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitV2StartMfaSignInResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            }
+          }
+        }
+      }
+    },
+    "defaultSupportedIdps": {
+      "methods": {
+        "list": {
+          "description": "List all default supported Idps.",
+          "flatPath": "v2/defaultSupportedIdps",
+          "httpMethod": "GET",
+          "id": "identitytoolkit.defaultSupportedIdps.list",
+          "parameterOrder": [],
+          "parameters": {
+            "pageSize": {
+              "description": "The maximum number of items to return.",
+              "format": "int32",
+              "location": "query",
+              "type": "integer"
+            },
+            "pageToken": {
+              "description": "The next_page_token value returned from a previous List request, if any.",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "v2/defaultSupportedIdps",
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2ListDefaultSupportedIdpsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/firebase"
+          ]
+        }
+      }
+    },
+    "projects": {
+      "methods": {
+        "getConfig": {
+          "description": "Retrieve an Identity Toolkit project configuration.",
+          "flatPath": "v2/projects/{projectsId}/config",
+          "httpMethod": "GET",
+          "id": "identitytoolkit.projects.getConfig",
+          "parameterOrder": [
+            "name"
+          ],
+          "parameters": {
+            "name": {
+              "description": "The resource name of the config, for example: \"projects/my-awesome-project/config\"",
+              "location": "path",
+              "pattern": "^projects/[^/]+/config$",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "v2/{+name}",
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2Config"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ]
+        },
+        "updateConfig": {
+          "description": "Update an Identity Toolkit project configuration.",
+          "flatPath": "v2/projects/{projectsId}/config",
+          "httpMethod": "PATCH",
+          "id": "identitytoolkit.projects.updateConfig",
+          "parameterOrder": [
+            "name"
+          ],
+          "parameters": {
+            "name": {
+              "description": "Output only. The name of the Config resource. Example: \"projects/my-awesome-project/config\"",
+              "location": "path",
+              "pattern": "^projects/[^/]+/config$",
+              "required": true,
+              "type": "string"
+            },
+            "updateMask": {
+              "description": "The update mask applies to the resource. Fields set in the config but not included in this update mask will be ignored. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+              "format": "google-fieldmask",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "v2/{+name}",
+          "request": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2Config"
+          },
+          "response": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2Config"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/firebase"
+          ]
+        }
+      },
+      "resources": {
+        "defaultSupportedIdpConfigs": {
+          "methods": {
+            "create": {
+              "description": "Create a default supported Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/defaultSupportedIdpConfigs",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.defaultSupportedIdpConfigs.create",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "idpId": {
+                  "description": "The id of the Idp to create a config for. Call ListDefaultSupportedIdps for list of all default supported Idps.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "The parent resource name where the config to be created, for example: \"projects/my-awesome-project\"",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/defaultSupportedIdpConfigs",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "delete": {
+              "description": "Delete a default supported Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/defaultSupportedIdpConfigs/{defaultSupportedIdpConfigsId}",
+              "httpMethod": "DELETE",
+              "id": "identitytoolkit.projects.defaultSupportedIdpConfigs.delete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The resource name of the config, for example: \"projects/my-awesome-project/defaultSupportedIdpConfigs/google.com\"",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/defaultSupportedIdpConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleProtobufEmpty"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "get": {
+              "description": "Retrieve a default supported Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/defaultSupportedIdpConfigs/{defaultSupportedIdpConfigsId}",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.defaultSupportedIdpConfigs.get",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The resource name of the config, for example: \"projects/my-awesome-project/defaultSupportedIdpConfigs/google.com\"",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/defaultSupportedIdpConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "list": {
+              "description": "List all default supported Idp configurations for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/defaultSupportedIdpConfigs",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.defaultSupportedIdpConfigs.list",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "pageSize": {
+                  "description": "The maximum number of items to return.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "pageToken": {
+                  "description": "The next_page_token value returned from a previous List request, if any.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "The parent resource name, for example, \"projects/my-awesome-project\".",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/defaultSupportedIdpConfigs",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2ListDefaultSupportedIdpConfigsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "patch": {
+              "description": "Update a default supported Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/defaultSupportedIdpConfigs/{defaultSupportedIdpConfigsId}",
+              "httpMethod": "PATCH",
+              "id": "identitytoolkit.projects.defaultSupportedIdpConfigs.patch",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The name of the DefaultSupportedIdpConfig resource, for example: \"projects/my-awesome-project/defaultSupportedIdpConfigs/google.com\"",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/defaultSupportedIdpConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "updateMask": {
+                  "description": "The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                  "format": "google-fieldmask",
+                  "location": "query",
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            }
+          }
+        },
+        "inboundSamlConfigs": {
+          "methods": {
+            "create": {
+              "description": "Create an inbound SAML configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/inboundSamlConfigs",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.inboundSamlConfigs.create",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "inboundSamlConfigId": {
+                  "description": "The id to use for this config.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "The parent resource name where the config to be created, for example: \"projects/my-awesome-project\"",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/inboundSamlConfigs",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "delete": {
+              "description": "Delete an inbound SAML configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/inboundSamlConfigs/{inboundSamlConfigsId}",
+              "httpMethod": "DELETE",
+              "id": "identitytoolkit.projects.inboundSamlConfigs.delete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The resource name of the config to be deleted, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/inboundSamlConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleProtobufEmpty"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "get": {
+              "description": "Retrieve an inbound SAML configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/inboundSamlConfigs/{inboundSamlConfigsId}",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.inboundSamlConfigs.get",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The resource name of the config, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/inboundSamlConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "list": {
+              "description": "List all inbound SAML configurations for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/inboundSamlConfigs",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.inboundSamlConfigs.list",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "pageSize": {
+                  "description": "The maximum number of items to return.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "pageToken": {
+                  "description": "The next_page_token value returned from a previous List request, if any.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "The parent resource name, for example, \"projects/my-awesome-project\".",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/inboundSamlConfigs",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2ListInboundSamlConfigsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "patch": {
+              "description": "Update an inbound SAML configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/inboundSamlConfigs/{inboundSamlConfigsId}",
+              "httpMethod": "PATCH",
+              "id": "identitytoolkit.projects.inboundSamlConfigs.patch",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/inboundSamlConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "updateMask": {
+                  "description": "The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                  "format": "google-fieldmask",
+                  "location": "query",
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            }
+          }
+        },
+        "oauthIdpConfigs": {
+          "methods": {
+            "create": {
+              "description": "Create an Oidc Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/oauthIdpConfigs",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.oauthIdpConfigs.create",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "oauthIdpConfigId": {
+                  "description": "The id to use for this config.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "The parent resource name where the config to be created, for example: \"projects/my-awesome-project\"",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/oauthIdpConfigs",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "delete": {
+              "description": "Delete an Oidc Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/oauthIdpConfigs/{oauthIdpConfigsId}",
+              "httpMethod": "DELETE",
+              "id": "identitytoolkit.projects.oauthIdpConfigs.delete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The resource name of the config to be deleted, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/oauthIdpConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleProtobufEmpty"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "get": {
+              "description": "Retrieve an Oidc Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/oauthIdpConfigs/{oauthIdpConfigsId}",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.oauthIdpConfigs.get",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The resource name of the config, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/oauthIdpConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "list": {
+              "description": "List all Oidc Idp configurations for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/oauthIdpConfigs",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.oauthIdpConfigs.list",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "pageSize": {
+                  "description": "The maximum number of items to return.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "pageToken": {
+                  "description": "The next_page_token value returned from a previous List request, if any.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "The parent resource name, for example, \"projects/my-awesome-project\".",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/oauthIdpConfigs",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2ListOAuthIdpConfigsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "patch": {
+              "description": "Update an Oidc Idp configuration for an Identity Toolkit project.",
+              "flatPath": "v2/projects/{projectsId}/oauthIdpConfigs/{oauthIdpConfigsId}",
+              "httpMethod": "PATCH",
+              "id": "identitytoolkit.projects.oauthIdpConfigs.patch",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/oauthIdpConfigs/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "updateMask": {
+                  "description": "The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                  "format": "google-fieldmask",
+                  "location": "query",
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            }
+          }
+        },
+        "tenants": {
+          "methods": {
+            "create": {
+              "description": "Create a tenant. Requires write permission on the Agent project.",
+              "flatPath": "v2/projects/{projectsId}/tenants",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.tenants.create",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "parent": {
+                  "description": "The parent resource name where the tenant will be created. For example, \"projects/project1\".",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/tenants",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2Tenant"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2Tenant"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "delete": {
+              "description": "Delete a tenant. Requires write permission on the Agent project.",
+              "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}",
+              "httpMethod": "DELETE",
+              "id": "identitytoolkit.projects.tenants.delete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Resource name of the tenant to delete.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleProtobufEmpty"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "get": {
+              "description": "Get a tenant. Requires read permission on the Tenant resource.",
+              "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.tenants.get",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Resource name of the tenant to retrieve.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2Tenant"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "getIamPolicy": {
+              "description": "Gets the access control policy for a resource. An error is returned if the resource does not exist. An empty policy is returned if the resource exists but does not have a policy set on it. Caller must have the right Google IAM permission on the resource.",
+              "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}:getIamPolicy",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.tenants.getIamPolicy",
+              "parameterOrder": [
+                "resource"
+              ],
+              "parameters": {
+                "resource": {
+                  "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+resource}:getIamPolicy",
+              "request": {
+                "$ref": "GoogleIamV1GetIamPolicyRequest"
+              },
+              "response": {
+                "$ref": "GoogleIamV1Policy"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "list": {
+              "description": "List tenants under the given agent project. Requires read permission on the Agent project.",
+              "flatPath": "v2/projects/{projectsId}/tenants",
+              "httpMethod": "GET",
+              "id": "identitytoolkit.projects.tenants.list",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "pageSize": {
+                  "description": "The maximum number of results to return, capped at 1000. If not specified, the default value is 20.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "pageToken": {
+                  "description": "The pagination token from the response of a previous request.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "Required. The parent resource name to list tenants for.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/tenants",
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2ListTenantsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "patch": {
+              "description": "Update a tenant. Requires write permission on the Tenant resource.",
+              "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}",
+              "httpMethod": "PATCH",
+              "id": "identitytoolkit.projects.tenants.patch",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Output only. Resource name of a tenant. For example: \"projects/{project-id}/tenants/{tenant-id}\"",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "updateMask": {
+                  "description": "If provided, only update fields set in the update mask. Otherwise, all settable fields will be updated. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                  "format": "google-fieldmask",
+                  "location": "query",
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "request": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2Tenant"
+              },
+              "response": {
+                "$ref": "GoogleCloudIdentitytoolkitAdminV2Tenant"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "setIamPolicy": {
+              "description": "Sets the access control policy for a resource. If the policy exists, it is replaced. Caller must have the right Google IAM permission on the resource.",
+              "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}:setIamPolicy",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.tenants.setIamPolicy",
+              "parameterOrder": [
+                "resource"
+              ],
+              "parameters": {
+                "resource": {
+                  "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+resource}:setIamPolicy",
+              "request": {
+                "$ref": "GoogleIamV1SetIamPolicyRequest"
+              },
+              "response": {
+                "$ref": "GoogleIamV1Policy"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            },
+            "testIamPermissions": {
+              "description": "Returns the caller's permissions on a resource. An error is returned if the resource does not exist. A caller is not required to have Google IAM permission to make this request.",
+              "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}:testIamPermissions",
+              "httpMethod": "POST",
+              "id": "identitytoolkit.projects.tenants.testIamPermissions",
+              "parameterOrder": [
+                "resource"
+              ],
+              "parameters": {
+                "resource": {
+                  "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+resource}:testIamPermissions",
+              "request": {
+                "$ref": "GoogleIamV1TestIamPermissionsRequest"
+              },
+              "response": {
+                "$ref": "GoogleIamV1TestIamPermissionsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform",
+                "https://www.googleapis.com/auth/firebase"
+              ]
+            }
+          },
+          "resources": {
+            "defaultSupportedIdpConfigs": {
+              "methods": {
+                "create": {
+                  "description": "Create a default supported Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/defaultSupportedIdpConfigs",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.defaultSupportedIdpConfigs.create",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "idpId": {
+                      "description": "The id of the Idp to create a config for. Call ListDefaultSupportedIdps for list of all default supported Idps.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name where the config to be created, for example: \"projects/my-awesome-project\"",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+parent}/defaultSupportedIdpConfigs",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "delete": {
+                  "description": "Delete a default supported Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/defaultSupportedIdpConfigs/{defaultSupportedIdpConfigsId}",
+                  "httpMethod": "DELETE",
+                  "id": "identitytoolkit.projects.tenants.defaultSupportedIdpConfigs.delete",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name of the config, for example: \"projects/my-awesome-project/defaultSupportedIdpConfigs/google.com\"",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/defaultSupportedIdpConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "response": {
+                    "$ref": "GoogleProtobufEmpty"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "get": {
+                  "description": "Retrieve a default supported Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/defaultSupportedIdpConfigs/{defaultSupportedIdpConfigsId}",
+                  "httpMethod": "GET",
+                  "id": "identitytoolkit.projects.tenants.defaultSupportedIdpConfigs.get",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name of the config, for example: \"projects/my-awesome-project/defaultSupportedIdpConfigs/google.com\"",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/defaultSupportedIdpConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "list": {
+                  "description": "List all default supported Idp configurations for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/defaultSupportedIdpConfigs",
+                  "httpMethod": "GET",
+                  "id": "identitytoolkit.projects.tenants.defaultSupportedIdpConfigs.list",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "pageSize": {
+                      "description": "The maximum number of items to return.",
+                      "format": "int32",
+                      "location": "query",
+                      "type": "integer"
+                    },
+                    "pageToken": {
+                      "description": "The next_page_token value returned from a previous List request, if any.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name, for example, \"projects/my-awesome-project\".",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+parent}/defaultSupportedIdpConfigs",
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2ListDefaultSupportedIdpConfigsResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "patch": {
+                  "description": "Update a default supported Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/defaultSupportedIdpConfigs/{defaultSupportedIdpConfigsId}",
+                  "httpMethod": "PATCH",
+                  "id": "identitytoolkit.projects.tenants.defaultSupportedIdpConfigs.patch",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The name of the DefaultSupportedIdpConfig resource, for example: \"projects/my-awesome-project/defaultSupportedIdpConfigs/google.com\"",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/defaultSupportedIdpConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "updateMask": {
+                      "description": "The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                      "format": "google-fieldmask",
+                      "location": "query",
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                }
+              }
+            },
+            "inboundSamlConfigs": {
+              "methods": {
+                "create": {
+                  "description": "Create an inbound SAML configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/inboundSamlConfigs",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.inboundSamlConfigs.create",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "inboundSamlConfigId": {
+                      "description": "The id to use for this config.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name where the config to be created, for example: \"projects/my-awesome-project\"",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+parent}/inboundSamlConfigs",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "delete": {
+                  "description": "Delete an inbound SAML configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/inboundSamlConfigs/{inboundSamlConfigsId}",
+                  "httpMethod": "DELETE",
+                  "id": "identitytoolkit.projects.tenants.inboundSamlConfigs.delete",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name of the config to be deleted, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/inboundSamlConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "response": {
+                    "$ref": "GoogleProtobufEmpty"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "get": {
+                  "description": "Retrieve an inbound SAML configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/inboundSamlConfigs/{inboundSamlConfigsId}",
+                  "httpMethod": "GET",
+                  "id": "identitytoolkit.projects.tenants.inboundSamlConfigs.get",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name of the config, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/inboundSamlConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "list": {
+                  "description": "List all inbound SAML configurations for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/inboundSamlConfigs",
+                  "httpMethod": "GET",
+                  "id": "identitytoolkit.projects.tenants.inboundSamlConfigs.list",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "pageSize": {
+                      "description": "The maximum number of items to return.",
+                      "format": "int32",
+                      "location": "query",
+                      "type": "integer"
+                    },
+                    "pageToken": {
+                      "description": "The next_page_token value returned from a previous List request, if any.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name, for example, \"projects/my-awesome-project\".",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+parent}/inboundSamlConfigs",
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2ListInboundSamlConfigsResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "patch": {
+                  "description": "Update an inbound SAML configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/inboundSamlConfigs/{inboundSamlConfigsId}",
+                  "httpMethod": "PATCH",
+                  "id": "identitytoolkit.projects.tenants.inboundSamlConfigs.patch",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/inboundSamlConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "updateMask": {
+                      "description": "The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                      "format": "google-fieldmask",
+                      "location": "query",
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                }
+              }
+            },
+            "oauthIdpConfigs": {
+              "methods": {
+                "create": {
+                  "description": "Create an Oidc Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/oauthIdpConfigs",
+                  "httpMethod": "POST",
+                  "id": "identitytoolkit.projects.tenants.oauthIdpConfigs.create",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "oauthIdpConfigId": {
+                      "description": "The id to use for this config.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name where the config to be created, for example: \"projects/my-awesome-project\"",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+parent}/oauthIdpConfigs",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "delete": {
+                  "description": "Delete an Oidc Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/oauthIdpConfigs/{oauthIdpConfigsId}",
+                  "httpMethod": "DELETE",
+                  "id": "identitytoolkit.projects.tenants.oauthIdpConfigs.delete",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name of the config to be deleted, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/oauthIdpConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "response": {
+                    "$ref": "GoogleProtobufEmpty"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "get": {
+                  "description": "Retrieve an Oidc Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/oauthIdpConfigs/{oauthIdpConfigsId}",
+                  "httpMethod": "GET",
+                  "id": "identitytoolkit.projects.tenants.oauthIdpConfigs.get",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name of the config, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/oauthIdpConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "list": {
+                  "description": "List all Oidc Idp configurations for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/oauthIdpConfigs",
+                  "httpMethod": "GET",
+                  "id": "identitytoolkit.projects.tenants.oauthIdpConfigs.list",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "pageSize": {
+                      "description": "The maximum number of items to return.",
+                      "format": "int32",
+                      "location": "query",
+                      "type": "integer"
+                    },
+                    "pageToken": {
+                      "description": "The next_page_token value returned from a previous List request, if any.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name, for example, \"projects/my-awesome-project\".",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+parent}/oauthIdpConfigs",
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2ListOAuthIdpConfigsResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                },
+                "patch": {
+                  "description": "Update an Oidc Idp configuration for an Identity Toolkit project.",
+                  "flatPath": "v2/projects/{projectsId}/tenants/{tenantsId}/oauthIdpConfigs/{oauthIdpConfigsId}",
+                  "httpMethod": "PATCH",
+                  "id": "identitytoolkit.projects.tenants.oauthIdpConfigs.patch",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/tenants/[^/]+/oauthIdpConfigs/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "updateMask": {
+                      "description": "The update mask applies to the resource. Empty update mask will result in updating nothing. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                      "format": "google-fieldmask",
+                      "location": "query",
+                      "type": "string"
+                    }
+                  },
+                  "path": "v2/{+name}",
+                  "request": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform",
+                    "https://www.googleapis.com/auth/firebase"
+                  ]
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  },
+  "revision": "20220815",
+  "rootUrl": "https://identitytoolkit.googleapis.com/",
+  "schemas": {
+    "GoogleCloudIdentitytoolkitAdminV2Anonymous": {
+      "description": "Configuration options related to authenticating an anonymous user.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Anonymous",
+      "properties": {
+        "enabled": {
+          "description": "Whether anonymous user auth is enabled for the project or not.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2AppleSignInConfig": {
+      "description": "Additional config for SignInWithApple.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2AppleSignInConfig",
+      "properties": {
+        "bundleIds": {
+          "description": "A list of Bundle ID's usable by this project",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "codeFlowConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2CodeFlowConfig"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2BlockingFunctionsConfig": {
+      "description": "Configuration related to Blocking Functions.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2BlockingFunctionsConfig",
+      "properties": {
+        "forwardInboundCredentials": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2ForwardInboundCredentials",
+          "description": "The user credentials to include in the JWT payload that is sent to the registered Blocking Functions."
+        },
+        "triggers": {
+          "additionalProperties": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2Trigger"
+          },
+          "description": "Map of Trigger to event type. Key should be one of the supported event types: \"beforeCreate\", \"beforeSignIn\"",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ClientConfig": {
+      "description": "Options related to how clients making requests on behalf of a project should be configured.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ClientConfig",
+      "properties": {
+        "apiKey": {
+          "description": "Output only. API key that can be used when making requests for this project.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "firebaseSubdomain": {
+          "description": "Output only. Firebase subdomain.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "permissions": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2Permissions",
+          "description": "Configuration related to restricting a user's ability to affect their account."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ClientPermissionConfig": {
+      "description": "Options related to how clients making requests on behalf of a tenant should be configured.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ClientPermissionConfig",
+      "properties": {
+        "permissions": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2ClientPermissions",
+          "description": "Configuration related to restricting a user's ability to affect their account."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ClientPermissions": {
+      "description": "Configuration related to restricting a user's ability to affect their account.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ClientPermissions",
+      "properties": {
+        "disabledUserDeletion": {
+          "description": "When true, end users cannot delete their account on the associated project through any of our API methods",
+          "type": "boolean"
+        },
+        "disabledUserSignup": {
+          "description": "When true, end users cannot sign up for a new account on the associated project through any of our API methods",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2CodeFlowConfig": {
+      "description": "Additional config for Apple for code flow.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2CodeFlowConfig",
+      "properties": {
+        "keyId": {
+          "description": "Key ID for the private key.",
+          "type": "string"
+        },
+        "privateKey": {
+          "description": "Private key used for signing the client secret JWT.",
+          "type": "string"
+        },
+        "teamId": {
+          "description": "Apple Developer Team ID.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2Config": {
+      "description": "Represents an Identity Toolkit project.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Config",
+      "properties": {
+        "authorizedDomains": {
+          "description": "List of domains authorized for OAuth redirects",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "autodeleteAnonymousUsers": {
+          "description": "Whether anonymous users will be auto-deleted after a period of 30 days.",
+          "type": "boolean"
+        },
+        "blockingFunctions": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2BlockingFunctionsConfig",
+          "description": "Configuration related to blocking functions."
+        },
+        "client": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2ClientConfig",
+          "description": "Options related to how clients making requests on behalf of a project should be configured."
+        },
+        "mfa": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfig",
+          "description": "Configuration for this project's multi-factor authentication, including whether it is active and what factors can be used for the second factor"
+        },
+        "monitoring": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2MonitoringConfig",
+          "description": "Configuration related to monitoring project activity."
+        },
+        "multiTenant": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2MultiTenantConfig",
+          "description": "Configuration related to multi-tenant functionality."
+        },
+        "name": {
+          "description": "Output only. The name of the Config resource. Example: \"projects/my-awesome-project/config\"",
+          "readOnly": true,
+          "type": "string"
+        },
+        "notification": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2NotificationConfig",
+          "description": "Configuration related to sending notifications to users."
+        },
+        "quota": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2QuotaConfig",
+          "description": "Configuration related to quotas."
+        },
+        "signIn": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2SignInConfig",
+          "description": "Configuration related to local sign in methods."
+        },
+        "subtype": {
+          "description": "Output only. The subtype of this config.",
+          "enum": [
+            "SUBTYPE_UNSPECIFIED",
+            "IDENTITY_PLATFORM",
+            "FIREBASE_AUTH"
+          ],
+          "enumDescriptions": [
+            "Default value. Do not use.",
+            "An Identity Platform project.",
+            "A Firebase Authentication project."
+          ],
+          "readOnly": true,
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdp": {
+      "description": "Standard Identity Toolkit-trusted IDPs.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdp",
+      "properties": {
+        "description": {
+          "description": "Description of the Idp",
+          "type": "string"
+        },
+        "idpId": {
+          "description": "Id the of Idp",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig": {
+      "description": "Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig",
+      "properties": {
+        "appleSignInConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2AppleSignInConfig",
+          "description": "Additional config for Apple-based projects."
+        },
+        "clientId": {
+          "description": "OAuth client ID.",
+          "type": "string"
+        },
+        "clientSecret": {
+          "description": "OAuth client secret.",
+          "type": "string"
+        },
+        "enabled": {
+          "description": "True if allows the user to sign in with the provider.",
+          "type": "boolean"
+        },
+        "name": {
+          "description": "The name of the DefaultSupportedIdpConfig resource, for example: \"projects/my-awesome-project/defaultSupportedIdpConfigs/google.com\"",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2DnsInfo": {
+      "description": "Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2DnsInfo",
+      "properties": {
+        "customDomain": {
+          "description": "Output only. The applied verified custom domain.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "customDomainState": {
+          "description": "Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful.",
+          "enum": [
+            "VERIFICATION_STATE_UNSPECIFIED",
+            "NOT_STARTED",
+            "IN_PROGRESS",
+            "FAILED",
+            "SUCCEEDED"
+          ],
+          "enumDescriptions": [
+            "Default value. Do not use.",
+            "The verification has not started.",
+            "The verification is in progress.",
+            "The verification failed.",
+            "The verification succeeded and is ready to be applied."
+          ],
+          "readOnly": true,
+          "type": "string"
+        },
+        "domainVerificationRequestTime": {
+          "description": "Output only. The timestamp of initial request for the current domain verification.",
+          "format": "google-datetime",
+          "readOnly": true,
+          "type": "string"
+        },
+        "pendingCustomDomain": {
+          "description": "Output only. The custom domain that's to be verified.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "useCustomDomain": {
+          "description": "Whether to use custom domain.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2Email": {
+      "description": "Configuration options related to authenticating a user by their email address.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Email",
+      "properties": {
+        "enabled": {
+          "description": "Whether email auth is enabled for the project or not.",
+          "type": "boolean"
+        },
+        "passwordRequired": {
+          "description": "Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2EmailTemplate": {
+      "description": "Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+      "properties": {
+        "body": {
+          "description": "Email body",
+          "type": "string"
+        },
+        "bodyFormat": {
+          "description": "Email body format",
+          "enum": [
+            "BODY_FORMAT_UNSPECIFIED",
+            "PLAIN_TEXT",
+            "HTML"
+          ],
+          "enumDescriptions": [
+            "Default value. Do not use.",
+            "Plain text",
+            "HTML"
+          ],
+          "type": "string"
+        },
+        "customized": {
+          "description": "Output only. Whether the body or subject of the email is customized.",
+          "readOnly": true,
+          "type": "boolean"
+        },
+        "replyTo": {
+          "description": "Reply-to address",
+          "type": "string"
+        },
+        "senderDisplayName": {
+          "description": "Sender display name",
+          "type": "string"
+        },
+        "senderLocalPart": {
+          "description": "Local part of From address",
+          "type": "string"
+        },
+        "subject": {
+          "description": "Subject of the email",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ForwardInboundCredentials": {
+      "description": "Indicates which credentials to pass to the registered Blocking Functions.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ForwardInboundCredentials",
+      "properties": {
+        "accessToken": {
+          "description": "Whether to pass the user's OAuth identity provider's access token.",
+          "type": "boolean"
+        },
+        "idToken": {
+          "description": "Whether to pass the user's OIDC identity provider's ID token.",
+          "type": "boolean"
+        },
+        "refreshToken": {
+          "description": "Whether to pass the user's OAuth identity provider's refresh token.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2HashConfig": {
+      "description": "History information of the hash algorithm and key. Different accounts' passwords may be generated by different version.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2HashConfig",
+      "properties": {
+        "algorithm": {
+          "description": "Output only. Different password hash algorithms used in Identity Toolkit.",
+          "enum": [
+            "HASH_ALGORITHM_UNSPECIFIED",
+            "HMAC_SHA256",
+            "HMAC_SHA1",
+            "HMAC_MD5",
+            "SCRYPT",
+            "PBKDF_SHA1",
+            "MD5",
+            "HMAC_SHA512",
+            "SHA1",
+            "BCRYPT",
+            "PBKDF2_SHA256",
+            "SHA256",
+            "SHA512",
+            "STANDARD_SCRYPT"
+          ],
+          "enumDescriptions": [
+            "Default value. Do not use.",
+            "HMAC_SHA256",
+            "HMAC_SHA1",
+            "HMAC_MD5",
+            "SCRYPT",
+            "PBKDF_SHA1",
+            "MD5",
+            "HMAC_SHA512",
+            "SHA1",
+            "BCRYPT",
+            "PBKDF2_SHA256",
+            "SHA256",
+            "SHA512",
+            "STANDARD_SCRYPT"
+          ],
+          "readOnly": true,
+          "type": "string"
+        },
+        "memoryCost": {
+          "description": "Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field.",
+          "format": "int32",
+          "readOnly": true,
+          "type": "integer"
+        },
+        "rounds": {
+          "description": "Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms.",
+          "format": "int32",
+          "readOnly": true,
+          "type": "integer"
+        },
+        "saltSeparator": {
+          "description": "Output only. Non-printable character to be inserted between the salt and plain text password in base64.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "signerKey": {
+          "description": "Output only. Signer key in base64.",
+          "readOnly": true,
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2IdpCertificate": {
+      "description": "The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2IdpCertificate",
+      "properties": {
+        "x509Certificate": {
+          "description": "The x509 certificate",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2IdpConfig": {
+      "description": "The SAML IdP (Identity Provider) configuration when the project acts as the relying party.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2IdpConfig",
+      "properties": {
+        "idpCertificates": {
+          "description": "IDP's public keys for verifying signature in the assertions.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2IdpCertificate"
+          },
+          "type": "array"
+        },
+        "idpEntityId": {
+          "description": "Unique identifier for all SAML entities.",
+          "type": "string"
+        },
+        "signRequest": {
+          "description": "Indicates if outbounding SAMLRequest should be signed.",
+          "type": "boolean"
+        },
+        "ssoUrl": {
+          "description": "URL to send Authentication request to.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig": {
+      "description": "A pair of SAML RP-IDP configurations when the project acts as the relying party.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig",
+      "properties": {
+        "displayName": {
+          "description": "The config's display name set by developers.",
+          "type": "string"
+        },
+        "enabled": {
+          "description": "True if allows the user to sign in with the provider.",
+          "type": "boolean"
+        },
+        "idpConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2IdpConfig",
+          "description": "The SAML IdP (Identity Provider) configuration when the project acts as the relying party."
+        },
+        "name": {
+          "description": "The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests.",
+          "type": "string"
+        },
+        "spConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2SpConfig",
+          "description": "The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2Inheritance": {
+      "description": "Settings that the tenants will inherit from project level.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Inheritance",
+      "properties": {
+        "emailSendingConfig": {
+          "description": "Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ListDefaultSupportedIdpConfigsResponse": {
+      "description": "Response for DefaultSupportedIdpConfigs",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ListDefaultSupportedIdpConfigsResponse",
+      "properties": {
+        "defaultSupportedIdpConfigs": {
+          "description": "The set of configs.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdpConfig"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "Token to retrieve the next page of results, or empty if there are no more results in the list.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ListDefaultSupportedIdpsResponse": {
+      "description": "Response for ListDefaultSupportedIdps",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ListDefaultSupportedIdpsResponse",
+      "properties": {
+        "defaultSupportedIdps": {
+          "description": "The set of configs.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdp"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "Token to retrieve the next page of results, or empty if there are no more results in the list.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ListInboundSamlConfigsResponse": {
+      "description": "Response for ListInboundSamlConfigs",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ListInboundSamlConfigsResponse",
+      "properties": {
+        "inboundSamlConfigs": {
+          "description": "The set of configs.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2InboundSamlConfig"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "Token to retrieve the next page of results, or empty if there are no more results in the list.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ListOAuthIdpConfigsResponse": {
+      "description": "Response for ListOAuthIdpConfigs",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ListOAuthIdpConfigsResponse",
+      "properties": {
+        "nextPageToken": {
+          "description": "Token to retrieve the next page of results, or empty if there are no more results in the list.",
+          "type": "string"
+        },
+        "oauthIdpConfigs": {
+          "description": "The set of configs.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2ListTenantsResponse": {
+      "description": "Response message for ListTenants.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2ListTenantsResponse",
+      "properties": {
+        "nextPageToken": {
+          "description": "The token to get the next page of results.",
+          "type": "string"
+        },
+        "tenants": {
+          "description": "A list of tenants under the given agent project.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2Tenant"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2MonitoringConfig": {
+      "description": "Configuration related to monitoring project activity.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2MonitoringConfig",
+      "properties": {
+        "requestLogging": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2RequestLogging",
+          "description": "Configuration for logging requests made to this project to Stackdriver Logging"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfig": {
+      "description": "Options related to MultiFactor Authentication for the project.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfig",
+      "properties": {
+        "enabledProviders": {
+          "description": "A list of usable second factors for this project.",
+          "items": {
+            "enum": [
+              "PROVIDER_UNSPECIFIED",
+              "PHONE_SMS"
+            ],
+            "enumDescriptions": [
+              "Illegal Provider, should not be used",
+              "SMS is enabled as a second factor for this project."
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "state": {
+          "description": "Whether MultiFactor Authentication has been enabled for this project.",
+          "enum": [
+            "STATE_UNSPECIFIED",
+            "DISABLED",
+            "ENABLED",
+            "MANDATORY"
+          ],
+          "enumDescriptions": [
+            "Illegal State, should not be used.",
+            "Multi-factor authentication cannot be used for this project",
+            "Multi-factor authentication can be used for this project",
+            "Multi-factor authentication is required for this project. Users from this project must authenticate with the second factor."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2MultiTenantConfig": {
+      "description": "Configuration related to multi-tenant functionality.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2MultiTenantConfig",
+      "properties": {
+        "allowTenants": {
+          "description": "Whether this project can have tenants or not.",
+          "type": "boolean"
+        },
+        "defaultTenantLocation": {
+          "description": "The default cloud parent org or folder that the tenant project should be created under. The parent resource name should be in the format of \"/\", such as \"folders/123\" or \"organizations/456\". If the value is not set, the tenant will be created under the same organization or folder as the agent project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2NotificationConfig": {
+      "description": "Configuration related to sending notifications to users.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2NotificationConfig",
+      "properties": {
+        "defaultLocale": {
+          "description": "Default locale used for email and SMS in IETF BCP 47 format.",
+          "type": "string"
+        },
+        "sendEmail": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2SendEmail",
+          "description": "Options for email sending."
+        },
+        "sendSms": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2SendSms",
+          "description": "Options for SMS sending."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig": {
+      "description": "Configuration options for authenticating with an OAuth IDP.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig",
+      "properties": {
+        "clientId": {
+          "description": "The client id of an OAuth client.",
+          "type": "string"
+        },
+        "clientSecret": {
+          "description": "The client secret of the OAuth client, to enable OIDC code flow.",
+          "type": "string"
+        },
+        "displayName": {
+          "description": "The config's display name set by developers.",
+          "type": "string"
+        },
+        "enabled": {
+          "description": "True if allows the user to sign in with the provider.",
+          "type": "boolean"
+        },
+        "issuer": {
+          "description": "For OIDC Idps, the issuer identifier.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests.",
+          "type": "string"
+        },
+        "responseType": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2OAuthResponseType",
+          "description": "The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2OAuthResponseType": {
+      "description": "The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2OAuthResponseType",
+      "properties": {
+        "code": {
+          "description": "If true, authorization code is returned from IdP's authorization endpoint.",
+          "type": "boolean"
+        },
+        "idToken": {
+          "description": "If true, ID token is returned from IdP's authorization endpoint.",
+          "type": "boolean"
+        },
+        "token": {
+          "description": "Do not use. The `token` response type is not supported at the moment.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2Permissions": {
+      "description": "Configuration related to restricting a user's ability to affect their account.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Permissions",
+      "properties": {
+        "disabledUserDeletion": {
+          "description": "When true, end users cannot delete their account on the associated project through any of our API methods",
+          "type": "boolean"
+        },
+        "disabledUserSignup": {
+          "description": "When true, end users cannot sign up for a new account on the associated project through any of our API methods",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2PhoneNumber": {
+      "description": "Configuration options related to authenticated a user by their phone number.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2PhoneNumber",
+      "properties": {
+        "enabled": {
+          "description": "Whether phone number auth is enabled for the project or not.",
+          "type": "boolean"
+        },
+        "testPhoneNumbers": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "A map of that can be used for phone auth testing.",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2QuotaConfig": {
+      "description": "Configuration related to quotas.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2QuotaConfig",
+      "properties": {
+        "signUpQuotaConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2TemporaryQuota",
+          "description": "Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2RequestLogging": {
+      "description": "Configuration for logging requests made to this project to Stackdriver Logging",
+      "id": "GoogleCloudIdentitytoolkitAdminV2RequestLogging",
+      "properties": {
+        "enabled": {
+          "description": "Whether logging is enabled for this project or not.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2SendEmail": {
+      "description": "Options for email sending.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2SendEmail",
+      "properties": {
+        "callbackUri": {
+          "description": "action url in email template.",
+          "type": "string"
+        },
+        "changeEmailTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+          "description": "Email template for change email"
+        },
+        "dnsInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2DnsInfo",
+          "description": "Information of custom domain DNS verification."
+        },
+        "legacyResetPasswordTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+          "description": "Reset password email template for legacy Firebase V1 app."
+        },
+        "method": {
+          "description": "The method used for sending an email.",
+          "enum": [
+            "METHOD_UNSPECIFIED",
+            "DEFAULT",
+            "CUSTOM_SMTP"
+          ],
+          "enumDescriptions": [
+            "Email method unspecified.",
+            "Sending email on behalf of developer.",
+            "Sending email using SMTP configuration provided by developers."
+          ],
+          "type": "string"
+        },
+        "resetPasswordTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+          "description": "Email template for reset password"
+        },
+        "revertSecondFactorAdditionTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+          "description": "Email template for reverting second factor addition emails"
+        },
+        "smtp": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2Smtp",
+          "description": "Use a custom SMTP relay"
+        },
+        "verifyEmailTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+          "description": "Email template for verify email"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2SendSms": {
+      "description": "Options for SMS sending.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2SendSms",
+      "properties": {
+        "smsTemplate": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2SmsTemplate",
+          "description": "Output only. The template to use when sending an SMS.",
+          "readOnly": true
+        },
+        "useDeviceLocale": {
+          "description": "Whether to use the accept_language header for SMS.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2SignInConfig": {
+      "description": "Configuration related to local sign in methods.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2SignInConfig",
+      "properties": {
+        "allowDuplicateEmails": {
+          "description": "Whether to allow more than one account to have the same email.",
+          "type": "boolean"
+        },
+        "anonymous": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2Anonymous",
+          "description": "Configuration options related to authenticating an anonymous user."
+        },
+        "email": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2Email",
+          "description": "Configuration options related to authenticating a user by their email address."
+        },
+        "hashConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2HashConfig",
+          "description": "Output only. Hash config information.",
+          "readOnly": true
+        },
+        "phoneNumber": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2PhoneNumber",
+          "description": "Configuration options related to authenticated a user by their phone number."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2SmsTemplate": {
+      "description": "The template to use when sending an SMS.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2SmsTemplate",
+      "properties": {
+        "content": {
+          "description": "Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS.",
+          "readOnly": true,
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2Smtp": {
+      "description": "Configuration for SMTP relay",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Smtp",
+      "properties": {
+        "host": {
+          "description": "SMTP relay host",
+          "type": "string"
+        },
+        "password": {
+          "description": "SMTP relay password",
+          "type": "string"
+        },
+        "port": {
+          "description": "SMTP relay port",
+          "format": "int32",
+          "type": "integer"
+        },
+        "securityMode": {
+          "description": "SMTP security mode.",
+          "enum": [
+            "SECURITY_MODE_UNSPECIFIED",
+            "SSL",
+            "START_TLS"
+          ],
+          "enumDescriptions": [
+            "Default value. Do not use.",
+            "SSL mode",
+            "START_TLS mode"
+          ],
+          "type": "string"
+        },
+        "senderEmail": {
+          "description": "Sender email for the SMTP relay",
+          "type": "string"
+        },
+        "username": {
+          "description": "SMTP relay username",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2SpCertificate": {
+      "description": "The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2SpCertificate",
+      "properties": {
+        "expiresAt": {
+          "description": "Timestamp of the cert expiration instance.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "x509Certificate": {
+          "description": "Self-signed public certificate.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2SpConfig": {
+      "description": "The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2SpConfig",
+      "properties": {
+        "callbackUri": {
+          "description": "Callback URI where responses from IDP are handled.",
+          "type": "string"
+        },
+        "spCertificates": {
+          "description": "Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow.",
+          "items": {
+            "$ref": "GoogleCloudIdentitytoolkitAdminV2SpCertificate"
+          },
+          "readOnly": true,
+          "type": "array"
+        },
+        "spEntityId": {
+          "description": "Unique identifier for all SAML entities.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2TemporaryQuota": {
+      "description": "Temporary quota increase / decrease",
+      "id": "GoogleCloudIdentitytoolkitAdminV2TemporaryQuota",
+      "properties": {
+        "quota": {
+          "description": "Corresponds to the 'refill_token_count' field in QuotaServer config",
+          "format": "int64",
+          "type": "string"
+        },
+        "quotaDuration": {
+          "description": "How long this quota will be active for",
+          "format": "google-duration",
+          "type": "string"
+        },
+        "startTime": {
+          "description": "When this quota will take affect",
+          "format": "google-datetime",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2Tenant": {
+      "description": "A Tenant contains configuration for the tenant in a multi-tenant project.",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Tenant",
+      "properties": {
+        "allowPasswordSignup": {
+          "description": "Whether to allow email/password user authentication.",
+          "type": "boolean"
+        },
+        "autodeleteAnonymousUsers": {
+          "description": "Whether anonymous users will be auto-deleted after a period of 30 days.",
+          "type": "boolean"
+        },
+        "client": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2ClientPermissionConfig",
+          "description": "Options related to how clients making requests on behalf of a project should be configured."
+        },
+        "disableAuth": {
+          "description": "Whether authentication is disabled for the tenant. If true, the users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users.",
+          "type": "boolean"
+        },
+        "displayName": {
+          "description": "Display name of the tenant.",
+          "type": "string"
+        },
+        "enableAnonymousUser": {
+          "description": "Whether to enable anonymous user authentication.",
+          "type": "boolean"
+        },
+        "enableEmailLinkSignin": {
+          "description": "Whether to enable email link user authentication.",
+          "type": "boolean"
+        },
+        "hashConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2HashConfig",
+          "description": "Output only. Hash config information of a tenant for display on Pantheon. This can only be displayed on Pantheon to avoid the sensitive information to get accidentally leaked. Only returned in GetTenant response to restrict reading of this information. Requires firebaseauth.configs.getHashConfig permission on the agent project for returning this field.",
+          "readOnly": true
+        },
+        "inheritance": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2Inheritance",
+          "description": "Specify the settings that the tenant could inherit."
+        },
+        "mfaConfig": {
+          "$ref": "GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfig",
+          "description": "The tenant-level configuration of MFA options."
+        },
+        "name": {
+          "description": "Output only. Resource name of a tenant. For example: \"projects/{project-id}/tenants/{tenant-id}\"",
+          "readOnly": true,
+          "type": "string"
+        },
+        "testPhoneNumbers": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitAdminV2Trigger": {
+      "description": "Synchronous Cloud Function with HTTP Trigger",
+      "id": "GoogleCloudIdentitytoolkitAdminV2Trigger",
+      "properties": {
+        "functionUri": {
+          "description": "HTTP URI trigger for the Cloud Function.",
+          "type": "string"
+        },
+        "updateTime": {
+          "description": "When the trigger was changed.",
+          "format": "google-datetime",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2AutoRetrievalInfo": {
+      "description": "The information required to auto-retrieve an SMS.",
+      "id": "GoogleCloudIdentitytoolkitV2AutoRetrievalInfo",
+      "properties": {
+        "appSignatureHash": {
+          "description": "The Android app's signature hash for Google Play Service's SMS Retriever API.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2FinalizeMfaEnrollmentRequest": {
+      "description": "Finishes enrolling a second factor for the user.",
+      "id": "GoogleCloudIdentitytoolkitV2FinalizeMfaEnrollmentRequest",
+      "properties": {
+        "displayName": {
+          "description": "Display name which is entered by users to distinguish between different second factors with same type or different type.",
+          "type": "string"
+        },
+        "idToken": {
+          "description": "Required. ID token.",
+          "type": "string"
+        },
+        "phoneVerificationInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneRequestInfo",
+          "description": "Verification info to authorize sending an SMS for phone verification."
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2FinalizeMfaEnrollmentResponse": {
+      "description": "FinalizeMfaEnrollment response.",
+      "id": "GoogleCloudIdentitytoolkitV2FinalizeMfaEnrollmentResponse",
+      "properties": {
+        "idToken": {
+          "description": "ID token updated to reflect MFA enrollment.",
+          "type": "string"
+        },
+        "phoneAuthInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneResponseInfo",
+          "description": "Auxiliary auth info specific to phone auth."
+        },
+        "refreshToken": {
+          "description": "Refresh token updated to reflect MFA enrollment.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneRequestInfo": {
+      "description": "Phone Verification info for a FinalizeMfa request.",
+      "id": "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneRequestInfo",
+      "properties": {
+        "androidVerificationProof": {
+          "description": "Android only. Uses for \"instant\" phone number verification though GmsCore.",
+          "type": "string"
+        },
+        "code": {
+          "description": "User-entered verification code.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "Required if Android verification proof is presented.",
+          "type": "string"
+        },
+        "sessionInfo": {
+          "description": "An opaque string that represents the enrollment session.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneResponseInfo": {
+      "description": "Phone Verification info for a FinalizeMfa response.",
+      "id": "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneResponseInfo",
+      "properties": {
+        "androidVerificationProof": {
+          "description": "Android only. Long-lived replacement for valid code tied to android device.",
+          "type": "string"
+        },
+        "androidVerificationProofExpireTime": {
+          "description": "Android only. Expiration time of verification proof in seconds.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "For Android verification proof.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2FinalizeMfaSignInRequest": {
+      "description": "Finalizes sign-in by verifying MFA challenge.",
+      "id": "GoogleCloudIdentitytoolkitV2FinalizeMfaSignInRequest",
+      "properties": {
+        "mfaPendingCredential": {
+          "description": "Required. Pending credential from first factor sign-in.",
+          "type": "string"
+        },
+        "phoneVerificationInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneRequestInfo",
+          "description": "Proof of completion of the SMS based MFA challenge."
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2FinalizeMfaSignInResponse": {
+      "description": "FinalizeMfaSignIn response.",
+      "id": "GoogleCloudIdentitytoolkitV2FinalizeMfaSignInResponse",
+      "properties": {
+        "idToken": {
+          "description": "ID token for the authenticated user.",
+          "type": "string"
+        },
+        "phoneAuthInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2FinalizeMfaPhoneResponseInfo",
+          "description": "Extra phone auth info, including android verification proof."
+        },
+        "refreshToken": {
+          "description": "Refresh token for the authenticated user.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2StartMfaEnrollmentRequest": {
+      "description": "Sends MFA enrollment verification SMS for a user.",
+      "id": "GoogleCloudIdentitytoolkitV2StartMfaEnrollmentRequest",
+      "properties": {
+        "idToken": {
+          "description": "Required. User's ID token.",
+          "type": "string"
+        },
+        "phoneEnrollmentInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2StartMfaPhoneRequestInfo",
+          "description": "Verification info to authorize sending an SMS for phone verification."
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2StartMfaEnrollmentResponse": {
+      "description": "StartMfaEnrollment response.",
+      "id": "GoogleCloudIdentitytoolkitV2StartMfaEnrollmentResponse",
+      "properties": {
+        "phoneSessionInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2StartMfaPhoneResponseInfo",
+          "description": "Verification info to authorize sending an SMS for phone verification."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2StartMfaPhoneRequestInfo": {
+      "description": "App Verification info for a StartMfa request.",
+      "id": "GoogleCloudIdentitytoolkitV2StartMfaPhoneRequestInfo",
+      "properties": {
+        "autoRetrievalInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2AutoRetrievalInfo",
+          "description": "Android only. Used by Google Play Services to identify the app for auto-retrieval."
+        },
+        "iosReceipt": {
+          "description": "iOS only. Receipt of successful app token validation with APNS.",
+          "type": "string"
+        },
+        "iosSecret": {
+          "description": "iOS only. Secret delivered to iOS app via APNS.",
+          "type": "string"
+        },
+        "phoneNumber": {
+          "description": "Required for enrollment. Phone number to be enrolled as MFA.",
+          "type": "string"
+        },
+        "recaptchaToken": {
+          "description": "Web only. Recaptcha solution.",
+          "type": "string"
+        },
+        "safetyNetToken": {
+          "description": "Android only. Used to assert application identity in place of a recaptcha token. A SafetyNet Token can be generated via the [SafetyNet Android Attestation API](https://developer.android.com/training/safetynet/attestation.html), with the Base64 encoding of the `phone_number` field as the nonce.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2StartMfaPhoneResponseInfo": {
+      "description": "Phone Verification info for a StartMfa response.",
+      "id": "GoogleCloudIdentitytoolkitV2StartMfaPhoneResponseInfo",
+      "properties": {
+        "sessionInfo": {
+          "description": "An opaque string that represents the enrollment session.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2StartMfaSignInRequest": {
+      "description": "Starts multi-factor sign-in by sending the multi-factor auth challenge.",
+      "id": "GoogleCloudIdentitytoolkitV2StartMfaSignInRequest",
+      "properties": {
+        "mfaEnrollmentId": {
+          "description": "Required. MFA enrollment id from the user's list of current MFA enrollments.",
+          "type": "string"
+        },
+        "mfaPendingCredential": {
+          "description": "Required. Pending credential from first factor sign-in.",
+          "type": "string"
+        },
+        "phoneSignInInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2StartMfaPhoneRequestInfo",
+          "description": "Verification info to authorize sending an SMS for phone verification."
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2StartMfaSignInResponse": {
+      "description": "StartMfaSignIn response.",
+      "id": "GoogleCloudIdentitytoolkitV2StartMfaSignInResponse",
+      "properties": {
+        "phoneResponseInfo": {
+          "$ref": "GoogleCloudIdentitytoolkitV2StartMfaPhoneResponseInfo",
+          "description": "MultiFactor sign-in session information specific to SMS-type second factors. Along with the one-time code retrieved from the sent SMS, the contents of this session information should be passed to FinalizeMfaSignIn to complete the sign in."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2WithdrawMfaRequest": {
+      "description": "Withdraws MFA.",
+      "id": "GoogleCloudIdentitytoolkitV2WithdrawMfaRequest",
+      "properties": {
+        "idToken": {
+          "description": "Required. User's ID token.",
+          "type": "string"
+        },
+        "mfaEnrollmentId": {
+          "description": "Required. MFA enrollment id from a current MFA enrollment.",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The ID of the Identity Platform tenant that the user unenrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudIdentitytoolkitV2WithdrawMfaResponse": {
+      "description": "Withdraws MultiFactorAuth response.",
+      "id": "GoogleCloudIdentitytoolkitV2WithdrawMfaResponse",
+      "properties": {
+        "idToken": {
+          "description": "ID token updated to reflect removal of the second factor.",
+          "type": "string"
+        },
+        "refreshToken": {
+          "description": "Refresh token updated to reflect removal of the second factor.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1AuditConfig": {
+      "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.",
+      "id": "GoogleIamV1AuditConfig",
+      "properties": {
+        "auditLogConfigs": {
+          "description": "The configuration for logging of each type of permission.",
+          "items": {
+            "$ref": "GoogleIamV1AuditLogConfig"
+          },
+          "type": "array"
+        },
+        "service": {
+          "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1AuditLogConfig": {
+      "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.",
+      "id": "GoogleIamV1AuditLogConfig",
+      "properties": {
+        "exemptedMembers": {
+          "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "logType": {
+          "description": "The log type that this config enables.",
+          "enum": [
+            "LOG_TYPE_UNSPECIFIED",
+            "ADMIN_READ",
+            "DATA_WRITE",
+            "DATA_READ"
+          ],
+          "enumDescriptions": [
+            "Default case. Should never be this.",
+            "Admin reads. Example: CloudIAM getIamPolicy",
+            "Data writes. Example: CloudSQL Users create",
+            "Data reads. Example: CloudSQL Users list"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1Binding": {
+      "description": "Associates `members`, or principals, with a `role`.",
+      "id": "GoogleIamV1Binding",
+      "properties": {
+        "condition": {
+          "$ref": "GoogleTypeExpr",
+          "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
+        },
+        "members": {
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "role": {
+          "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1GetIamPolicyRequest": {
+      "description": "Request message for `GetIamPolicy` method.",
+      "id": "GoogleIamV1GetIamPolicyRequest",
+      "properties": {
+        "options": {
+          "$ref": "GoogleIamV1GetPolicyOptions",
+          "description": "OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1GetPolicyOptions": {
+      "description": "Encapsulates settings provided to GetIamPolicy.",
+      "id": "GoogleIamV1GetPolicyOptions",
+      "properties": {
+        "requestedPolicyVersion": {
+          "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1Policy": {
+      "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time < timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).",
+      "id": "GoogleIamV1Policy",
+      "properties": {
+        "auditConfigs": {
+          "description": "Specifies cloud audit logging configuration for this policy.",
+          "items": {
+            "$ref": "GoogleIamV1AuditConfig"
+          },
+          "type": "array"
+        },
+        "bindings": {
+          "description": "Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.",
+          "items": {
+            "$ref": "GoogleIamV1Binding"
+          },
+          "type": "array"
+        },
+        "etag": {
+          "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.",
+          "format": "byte",
+          "type": "string"
+        },
+        "version": {
+          "description": "Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1SetIamPolicyRequest": {
+      "description": "Request message for `SetIamPolicy` method.",
+      "id": "GoogleIamV1SetIamPolicyRequest",
+      "properties": {
+        "policy": {
+          "$ref": "GoogleIamV1Policy",
+          "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them."
+        },
+        "updateMask": {
+          "description": "OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: \"bindings, etag\"`",
+          "format": "google-fieldmask",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1TestIamPermissionsRequest": {
+      "description": "Request message for `TestIamPermissions` method.",
+      "id": "GoogleIamV1TestIamPermissionsRequest",
+      "properties": {
+        "permissions": {
+          "description": "The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleIamV1TestIamPermissionsResponse": {
+      "description": "Response message for `TestIamPermissions` method.",
+      "id": "GoogleIamV1TestIamPermissionsResponse",
+      "properties": {
+        "permissions": {
+          "description": "A subset of `TestPermissionsRequest.permissions` that the caller is allowed.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleProtobufEmpty": {
+      "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }",
+      "id": "GoogleProtobufEmpty",
+      "properties": {},
+      "type": "object"
+    },
+    "GoogleTypeExpr": {
+      "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.",
+      "id": "GoogleTypeExpr",
+      "properties": {
+        "description": {
+          "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.",
+          "type": "string"
+        },
+        "expression": {
+          "description": "Textual representation of an expression in Common Expression Language syntax.",
+          "type": "string"
+        },
+        "location": {
+          "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.",
+          "type": "string"
+        },
+        "title": {
+          "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    }
+  },
+  "servicePath": "",
+  "title": "Identity Toolkit API",
+  "version": "v2",
+  "version_module": true
+}
\ No newline at end of file
diff --git a/googleapiclient/discovery_cache/documents/ids.v1.json b/googleapiclient/discovery_cache/documents/ids.v1.json
index eb9a42d23b1..750e3d9d079 100644
--- a/googleapiclient/discovery_cache/documents/ids.v1.json
+++ b/googleapiclient/discovery_cache/documents/ids.v1.json
@@ -535,7 +535,7 @@
       }
     }
   },
-  "revision": "20220724",
+  "revision": "20220810",
   "rootUrl": "https://ids.googleapis.com/",
   "schemas": {
     "AuditConfig": {
@@ -595,7 +595,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/indexing.v3.json b/googleapiclient/discovery_cache/documents/indexing.v3.json
index 1b66a66084a..4c422ea59f0 100644
--- a/googleapiclient/discovery_cache/documents/indexing.v3.json
+++ b/googleapiclient/discovery_cache/documents/indexing.v3.json
@@ -149,7 +149,7 @@
       }
     }
   },
-  "revision": "20220726",
+  "revision": "20220815",
   "rootUrl": "https://indexing.googleapis.com/",
   "schemas": {
     "PublishUrlNotificationResponse": {
diff --git a/googleapiclient/discovery_cache/documents/jobs.v3.json b/googleapiclient/discovery_cache/documents/jobs.v3.json
index bf50d17e2cc..665f699c381 100644
--- a/googleapiclient/discovery_cache/documents/jobs.v3.json
+++ b/googleapiclient/discovery_cache/documents/jobs.v3.json
@@ -651,7 +651,7 @@
       }
     }
   },
-  "revision": "20220802",
+  "revision": "20220818",
   "rootUrl": "https://jobs.googleapis.com/",
   "schemas": {
     "ApplicationInfo": {
diff --git a/googleapiclient/discovery_cache/documents/jobs.v3p1beta1.json b/googleapiclient/discovery_cache/documents/jobs.v3p1beta1.json
index 74d1f47b2ba..0b26f986555 100644
--- a/googleapiclient/discovery_cache/documents/jobs.v3p1beta1.json
+++ b/googleapiclient/discovery_cache/documents/jobs.v3p1beta1.json
@@ -681,7 +681,7 @@
       }
     }
   },
-  "revision": "20220802",
+  "revision": "20220818",
   "rootUrl": "https://jobs.googleapis.com/",
   "schemas": {
     "ApplicationInfo": {
diff --git a/googleapiclient/discovery_cache/documents/jobs.v4.json b/googleapiclient/discovery_cache/documents/jobs.v4.json
index 673b27a370f..f00a036d49d 100644
--- a/googleapiclient/discovery_cache/documents/jobs.v4.json
+++ b/googleapiclient/discovery_cache/documents/jobs.v4.json
@@ -903,7 +903,7 @@
       }
     }
   },
-  "revision": "20220802",
+  "revision": "20220818",
   "rootUrl": "https://jobs.googleapis.com/",
   "schemas": {
     "ApplicationInfo": {
diff --git a/googleapiclient/discovery_cache/documents/language.v1.json b/googleapiclient/discovery_cache/documents/language.v1.json
index 9d4092c4d2b..803482b52b2 100644
--- a/googleapiclient/discovery_cache/documents/language.v1.json
+++ b/googleapiclient/discovery_cache/documents/language.v1.json
@@ -227,7 +227,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220819",
   "rootUrl": "https://language.googleapis.com/",
   "schemas": {
     "AnalyzeEntitiesRequest": {
diff --git a/googleapiclient/discovery_cache/documents/language.v1beta1.json b/googleapiclient/discovery_cache/documents/language.v1beta1.json
index 3e618e8077a..63ace29acf4 100644
--- a/googleapiclient/discovery_cache/documents/language.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/language.v1beta1.json
@@ -189,7 +189,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220819",
   "rootUrl": "https://language.googleapis.com/",
   "schemas": {
     "AnalyzeEntitiesRequest": {
diff --git a/googleapiclient/discovery_cache/documents/language.v1beta2.json b/googleapiclient/discovery_cache/documents/language.v1beta2.json
index 345faa4a729..565773a8230 100644
--- a/googleapiclient/discovery_cache/documents/language.v1beta2.json
+++ b/googleapiclient/discovery_cache/documents/language.v1beta2.json
@@ -227,7 +227,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220819",
   "rootUrl": "https://language.googleapis.com/",
   "schemas": {
     "AnalyzeEntitiesRequest": {
diff --git a/googleapiclient/discovery_cache/documents/libraryagent.v1.json b/googleapiclient/discovery_cache/documents/libraryagent.v1.json
index eca7d132282..af8ef42836a 100644
--- a/googleapiclient/discovery_cache/documents/libraryagent.v1.json
+++ b/googleapiclient/discovery_cache/documents/libraryagent.v1.json
@@ -279,7 +279,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://libraryagent.googleapis.com/",
   "schemas": {
     "GoogleExampleLibraryagentV1Book": {
diff --git a/googleapiclient/discovery_cache/documents/licensing.v1.json b/googleapiclient/discovery_cache/documents/licensing.v1.json
index c2e29951d61..47533073651 100644
--- a/googleapiclient/discovery_cache/documents/licensing.v1.json
+++ b/googleapiclient/discovery_cache/documents/licensing.v1.json
@@ -400,7 +400,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220820",
   "rootUrl": "https://licensing.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json b/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json
index d42e2680f9e..640148f11cb 100644
--- a/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json
+++ b/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json
@@ -312,7 +312,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220812",
   "rootUrl": "https://lifesciences.googleapis.com/",
   "schemas": {
     "Accelerator": {
diff --git a/googleapiclient/discovery_cache/documents/managedidentities.v1.json b/googleapiclient/discovery_cache/documents/managedidentities.v1.json
index 43bfb0c9435..a7cc1839a50 100644
--- a/googleapiclient/discovery_cache/documents/managedidentities.v1.json
+++ b/googleapiclient/discovery_cache/documents/managedidentities.v1.json
@@ -295,6 +295,34 @@
                         "https://www.googleapis.com/auth/cloud-platform"
                       ]
                     },
+                    "extendSchema": {
+                      "description": "Extend Schema for Domain",
+                      "flatPath": "v1/projects/{projectsId}/locations/global/domains/{domainsId}:extendSchema",
+                      "httpMethod": "POST",
+                      "id": "managedidentities.projects.locations.global.domains.extendSchema",
+                      "parameterOrder": [
+                        "domain"
+                      ],
+                      "parameters": {
+                        "domain": {
+                          "description": "Required. The domain resource name using the form: `projects/{project_id}/locations/global/domains/{domain_name}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/global/domains/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v1/{+domain}:extendSchema",
+                      "request": {
+                        "$ref": "ExtendSchemaRequest"
+                      },
+                      "response": {
+                        "$ref": "Operation"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
                     "get": {
                       "description": "Gets information about a domain.",
                       "flatPath": "v1/projects/{projectsId}/locations/global/domains/{domainsId}",
@@ -1375,7 +1403,7 @@
       }
     }
   },
-  "revision": "20220609",
+  "revision": "20220817",
   "rootUrl": "https://managedidentities.googleapis.com/",
   "schemas": {
     "AttachTrustRequest": {
@@ -1468,7 +1496,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -1714,6 +1742,26 @@
       },
       "type": "object"
     },
+    "ExtendSchemaRequest": {
+      "description": "ExtendSchemaRequest is the request message for ExtendSchema method.",
+      "id": "ExtendSchemaRequest",
+      "properties": {
+        "description": {
+          "description": "Required. Description for Schema Change.",
+          "type": "string"
+        },
+        "fileContents": {
+          "description": "File uploaded as a byte stream input.",
+          "format": "byte",
+          "type": "string"
+        },
+        "gcsPath": {
+          "description": "File stored in Cloud Storage bucket and represented in the form projects/{project_id}/buckets/{bucket_name}/objects/{object_name} File should be in the same project as the domain.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudManagedidentitiesV1OpMetadata": {
       "description": "Represents the metadata of the long-running operation.",
       "id": "GoogleCloudManagedidentitiesV1OpMetadata",
@@ -1859,7 +1907,7 @@
           "additionalProperties": {
             "type": "string"
           },
-          "description": "Deprecated. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the referenced policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug.",
+          "description": "Optional. Deprecated. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the referenced policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug.",
           "type": "object"
         },
         "maintenanceSchedules": {
@@ -1999,7 +2047,7 @@
           "additionalProperties": {
             "$ref": "MaintenancePolicy"
           },
-          "description": "Optional. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the embedded policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. If only the name is needed (like in the deprecated Instance.maintenance_policy_names field) then only populate MaintenancePolicy.name.",
+          "description": "Optional. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the embedded policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. If only the name is needed, then only populate MaintenancePolicy.name.",
           "type": "object"
         }
       },
@@ -2885,12 +2933,18 @@
           "enum": [
             "UPDATE_CHANNEL_UNSPECIFIED",
             "EARLIER",
-            "LATER"
+            "LATER",
+            "WEEK1",
+            "WEEK2",
+            "WEEK5"
           ],
           "enumDescriptions": [
             "Unspecified channel.",
             "Early channel within a customer project.",
-            "Later channel within a customer project."
+            "Later channel within a customer project.",
+            "! ! The follow channels can ONLY be used if you adopt the new MW system! ! ! NOTE: all WEEK channels are assumed to be under a weekly window. ! There is currently no dedicated channel definitions for Daily windows. ! If you use Daily window, the system will assume a 1d (24Hours) advanced ! notification period b/w EARLY and LATER. ! We may consider support more flexible daily channel specifications in ! the future. WEEK1 == EARLIER with minimum 7d advanced notification. {7d, 14d} The system will treat them equally and will use WEEK1 whenever it can. New customers are encouraged to use this channel annotation.",
+            "WEEK2 == LATER with minimum 14d advanced notification {14d, 21d}.",
+            "WEEK5 == 40d support. minimum 35d advanced notification {35d, 42d}."
           ],
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json b/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json
index 13f3cb9f1fb..b14f1aa882c 100644
--- a/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json
@@ -1403,7 +1403,7 @@
       }
     }
   },
-  "revision": "20220609",
+  "revision": "20220817",
   "rootUrl": "https://managedidentities.googleapis.com/",
   "schemas": {
     "AttachTrustRequest": {
@@ -1501,7 +1501,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -1905,7 +1905,7 @@
           "additionalProperties": {
             "type": "string"
           },
-          "description": "Deprecated. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the referenced policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug.",
+          "description": "Optional. Deprecated. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the referenced policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug.",
           "type": "object"
         },
         "maintenanceSchedules": {
@@ -2045,7 +2045,7 @@
           "additionalProperties": {
             "$ref": "MaintenancePolicy"
           },
-          "description": "Optional. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the embedded policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. If only the name is needed (like in the deprecated Instance.maintenance_policy_names field) then only populate MaintenancePolicy.name.",
+          "description": "Optional. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the embedded policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. If only the name is needed, then only populate MaintenancePolicy.name.",
           "type": "object"
         }
       },
@@ -2915,12 +2915,18 @@
           "enum": [
             "UPDATE_CHANNEL_UNSPECIFIED",
             "EARLIER",
-            "LATER"
+            "LATER",
+            "WEEK1",
+            "WEEK2",
+            "WEEK5"
           ],
           "enumDescriptions": [
             "Unspecified channel.",
             "Early channel within a customer project.",
-            "Later channel within a customer project."
+            "Later channel within a customer project.",
+            "! ! The follow channels can ONLY be used if you adopt the new MW system! ! ! NOTE: all WEEK channels are assumed to be under a weekly window. ! There is currently no dedicated channel definitions for Daily windows. ! If you use Daily window, the system will assume a 1d (24Hours) advanced ! notification period b/w EARLY and LATER. ! We may consider support more flexible daily channel specifications in ! the future. WEEK1 == EARLIER with minimum 7d advanced notification. {7d, 14d} The system will treat them equally and will use WEEK1 whenever it can. New customers are encouraged to use this channel annotation.",
+            "WEEK2 == LATER with minimum 14d advanced notification {14d, 21d}.",
+            "WEEK5 == 40d support. minimum 35d advanced notification {35d, 42d}."
           ],
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json b/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json
index 5780fb36c88..125741fd402 100644
--- a/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json
@@ -1403,7 +1403,7 @@
       }
     }
   },
-  "revision": "20220609",
+  "revision": "20220817",
   "rootUrl": "https://managedidentities.googleapis.com/",
   "schemas": {
     "AttachTrustRequest": {
@@ -1502,7 +1502,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -1914,7 +1914,7 @@
           "additionalProperties": {
             "type": "string"
           },
-          "description": "Deprecated. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the referenced policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug.",
+          "description": "Optional. Deprecated. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the referenced policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug.",
           "type": "object"
         },
         "maintenanceSchedules": {
@@ -2054,7 +2054,7 @@
           "additionalProperties": {
             "$ref": "MaintenancePolicy"
           },
-          "description": "Optional. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the embedded policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. If only the name is needed (like in the deprecated Instance.maintenance_policy_names field) then only populate MaintenancePolicy.name.",
+          "description": "Optional. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the embedded policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. If only the name is needed, then only populate MaintenancePolicy.name.",
           "type": "object"
         }
       },
@@ -2940,12 +2940,18 @@
           "enum": [
             "UPDATE_CHANNEL_UNSPECIFIED",
             "EARLIER",
-            "LATER"
+            "LATER",
+            "WEEK1",
+            "WEEK2",
+            "WEEK5"
           ],
           "enumDescriptions": [
             "Unspecified channel.",
             "Early channel within a customer project.",
-            "Later channel within a customer project."
+            "Later channel within a customer project.",
+            "! ! The follow channels can ONLY be used if you adopt the new MW system! ! ! NOTE: all WEEK channels are assumed to be under a weekly window. ! There is currently no dedicated channel definitions for Daily windows. ! If you use Daily window, the system will assume a 1d (24Hours) advanced ! notification period b/w EARLY and LATER. ! We may consider support more flexible daily channel specifications in ! the future. WEEK1 == EARLIER with minimum 7d advanced notification. {7d, 14d} The system will treat them equally and will use WEEK1 whenever it can. New customers are encouraged to use this channel annotation.",
+            "WEEK2 == LATER with minimum 14d advanced notification {14d, 21d}.",
+            "WEEK5 == 40d support. minimum 35d advanced notification {35d, 42d}."
           ],
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/manufacturers.v1.json b/googleapiclient/discovery_cache/documents/manufacturers.v1.json
index 7ce959b9fed..66268702a7e 100644
--- a/googleapiclient/discovery_cache/documents/manufacturers.v1.json
+++ b/googleapiclient/discovery_cache/documents/manufacturers.v1.json
@@ -287,7 +287,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220812",
   "rootUrl": "https://manufacturers.googleapis.com/",
   "schemas": {
     "Attributes": {
diff --git a/googleapiclient/discovery_cache/documents/metastore.v1alpha.json b/googleapiclient/discovery_cache/documents/metastore.v1alpha.json
index 1858b4201de..6df0b52cd90 100644
--- a/googleapiclient/discovery_cache/documents/metastore.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/metastore.v1alpha.json
@@ -1467,7 +1467,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220816",
   "rootUrl": "https://metastore.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/metastore.v1beta.json b/googleapiclient/discovery_cache/documents/metastore.v1beta.json
index fc73f836a1e..13f388e423d 100644
--- a/googleapiclient/discovery_cache/documents/metastore.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/metastore.v1beta.json
@@ -1467,7 +1467,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220816",
   "rootUrl": "https://metastore.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/ml.v1.json b/googleapiclient/discovery_cache/documents/ml.v1.json
index f59547cd4e0..782e027f000 100644
--- a/googleapiclient/discovery_cache/documents/ml.v1.json
+++ b/googleapiclient/discovery_cache/documents/ml.v1.json
@@ -1486,7 +1486,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220812",
   "rootUrl": "https://ml.googleapis.com/",
   "schemas": {
     "GoogleApi__HttpBody": {
@@ -3705,7 +3705,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/monitoring.v1.json b/googleapiclient/discovery_cache/documents/monitoring.v1.json
index c9a34b5f29e..f163114e2bb 100644
--- a/googleapiclient/discovery_cache/documents/monitoring.v1.json
+++ b/googleapiclient/discovery_cache/documents/monitoring.v1.json
@@ -769,7 +769,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://monitoring.googleapis.com/",
   "schemas": {
     "Aggregation": {
diff --git a/googleapiclient/discovery_cache/documents/monitoring.v3.json b/googleapiclient/discovery_cache/documents/monitoring.v3.json
index a7697d58d1c..7b156f5f22d 100644
--- a/googleapiclient/discovery_cache/documents/monitoring.v3.json
+++ b/googleapiclient/discovery_cache/documents/monitoring.v3.json
@@ -2571,7 +2571,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://monitoring.googleapis.com/",
   "schemas": {
     "Aggregation": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinessaccountmanagement.v1.json b/googleapiclient/discovery_cache/documents/mybusinessaccountmanagement.v1.json
index d0fe89e1175..04ad06c4a2f 100644
--- a/googleapiclient/discovery_cache/documents/mybusinessaccountmanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinessaccountmanagement.v1.json
@@ -530,7 +530,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinessaccountmanagement.googleapis.com/",
   "schemas": {
     "AcceptInvitationRequest": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinessbusinesscalls.v1.json b/googleapiclient/discovery_cache/documents/mybusinessbusinesscalls.v1.json
index ecdab02281a..3abde2b1fdf 100644
--- a/googleapiclient/discovery_cache/documents/mybusinessbusinesscalls.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinessbusinesscalls.v1.json
@@ -198,7 +198,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinessbusinesscalls.googleapis.com/",
   "schemas": {
     "AggregateMetrics": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinessbusinessinformation.v1.json b/googleapiclient/discovery_cache/documents/mybusinessbusinessinformation.v1.json
index b2d5e977a72..eab4bc78965 100644
--- a/googleapiclient/discovery_cache/documents/mybusinessbusinessinformation.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinessbusinessinformation.v1.json
@@ -662,7 +662,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinessbusinessinformation.googleapis.com/",
   "schemas": {
     "AdWordsLocationExtensions": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinesslodging.v1.json b/googleapiclient/discovery_cache/documents/mybusinesslodging.v1.json
index 64b147ed43a..f43f8e02441 100644
--- a/googleapiclient/discovery_cache/documents/mybusinesslodging.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinesslodging.v1.json
@@ -194,7 +194,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinesslodging.googleapis.com/",
   "schemas": {
     "Accessibility": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinessnotifications.v1.json b/googleapiclient/discovery_cache/documents/mybusinessnotifications.v1.json
index c9e597ddef2..3f0c29cee1c 100644
--- a/googleapiclient/discovery_cache/documents/mybusinessnotifications.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinessnotifications.v1.json
@@ -154,7 +154,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinessnotifications.googleapis.com/",
   "schemas": {
     "NotificationSetting": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinessplaceactions.v1.json b/googleapiclient/discovery_cache/documents/mybusinessplaceactions.v1.json
index 79a6e61b306..0b673f5b520 100644
--- a/googleapiclient/discovery_cache/documents/mybusinessplaceactions.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinessplaceactions.v1.json
@@ -281,7 +281,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinessplaceactions.googleapis.com/",
   "schemas": {
     "AvailableDay": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinessqanda.v1.json b/googleapiclient/discovery_cache/documents/mybusinessqanda.v1.json
index 5ca888fed28..6ffcb821c2a 100644
--- a/googleapiclient/discovery_cache/documents/mybusinessqanda.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinessqanda.v1.json
@@ -323,7 +323,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinessqanda.googleapis.com/",
   "schemas": {
     "Answer": {
diff --git a/googleapiclient/discovery_cache/documents/mybusinessverifications.v1.json b/googleapiclient/discovery_cache/documents/mybusinessverifications.v1.json
index 98936c688f8..4a911a9a0e0 100644
--- a/googleapiclient/discovery_cache/documents/mybusinessverifications.v1.json
+++ b/googleapiclient/discovery_cache/documents/mybusinessverifications.v1.json
@@ -256,7 +256,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://mybusinessverifications.googleapis.com/",
   "schemas": {
     "AddressVerificationData": {
@@ -376,7 +376,7 @@
       "properties": {
         "location": {
           "$ref": "Location",
-          "description": "Required. The target location."
+          "description": "Required. The target location. Note: The location information should exactly match the target Location, otherwise the generated verification token won't be able to verify the target Location."
         }
       },
       "type": "object"
diff --git a/googleapiclient/discovery_cache/documents/networkconnectivity.v1.json b/googleapiclient/discovery_cache/documents/networkconnectivity.v1.json
index 9f09318dae1..d6b4cd4f81c 100644
--- a/googleapiclient/discovery_cache/documents/networkconnectivity.v1.json
+++ b/googleapiclient/discovery_cache/documents/networkconnectivity.v1.json
@@ -938,7 +938,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220817",
   "rootUrl": "https://networkconnectivity.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/networkconnectivity.v1alpha1.json b/googleapiclient/discovery_cache/documents/networkconnectivity.v1alpha1.json
index 6bb439f2eb2..38760ea717a 100644
--- a/googleapiclient/discovery_cache/documents/networkconnectivity.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/networkconnectivity.v1alpha1.json
@@ -1211,7 +1211,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220817",
   "rootUrl": "https://networkconnectivity.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/networkmanagement.v1.json b/googleapiclient/discovery_cache/documents/networkmanagement.v1.json
index 42a96d00fa4..8a6ad2126cf 100644
--- a/googleapiclient/discovery_cache/documents/networkmanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/networkmanagement.v1.json
@@ -591,7 +591,7 @@
       }
     }
   },
-  "revision": "20220707",
+  "revision": "20220812",
   "rootUrl": "https://networkmanagement.googleapis.com/",
   "schemas": {
     "AbortInfo": {
@@ -638,6 +638,13 @@
           ],
           "type": "string"
         },
+        "projectsMissingPermission": {
+          "description": "List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
         "resourceUri": {
           "description": "URI of the resource that caused the abort.",
           "type": "string"
@@ -702,7 +709,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -721,6 +728,41 @@
       "properties": {},
       "type": "object"
     },
+    "CloudFunctionEndpoint": {
+      "description": "Wrapper for cloud function attributes.",
+      "id": "CloudFunctionEndpoint",
+      "properties": {
+        "uri": {
+          "description": "A [Cloud function](https://cloud.google.com/functions) name.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CloudFunctionInfo": {
+      "description": "For display only. Metadata associated with a Cloud function.",
+      "id": "CloudFunctionInfo",
+      "properties": {
+        "displayName": {
+          "description": "Name of a Cloud function.",
+          "type": "string"
+        },
+        "location": {
+          "description": "Location in which the Cloud function is deployed.",
+          "type": "string"
+        },
+        "uri": {
+          "description": "URI of a Cloud function.",
+          "type": "string"
+        },
+        "versionId": {
+          "description": "Latest successfully deployed version id of the Cloud function.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "CloudSQLInstanceInfo": {
       "description": "For display only. Metadata associated with a Cloud SQL instance.",
       "id": "CloudSQLInstanceInfo",
@@ -874,7 +916,10 @@
             "DROPPED_INSIDE_GKE_SERVICE",
             "DROPPED_INSIDE_CLOUD_SQL_SERVICE",
             "GOOGLE_MANAGED_SERVICE_NO_PEERING",
-            "CLOUD_SQL_INSTANCE_NO_IP_ADDRESS"
+            "CLOUD_SQL_INSTANCE_NO_IP_ADDRESS",
+            "CLOUD_FUNCTION_NOT_ACTIVE",
+            "VPC_CONNECTOR_NOT_SET",
+            "VPC_CONNECTOR_NOT_RUNNING"
           ],
           "enumDescriptions": [
             "Cause is unspecified.",
@@ -898,7 +943,10 @@
             "Packet was dropped inside Google Kubernetes Engine Service.",
             "Packet was dropped inside Cloud SQL Service.",
             "Packet was dropped because there is no peering between the originating network and the Google Managed Services Network.",
-            "Packet was dropped because the Cloud SQL instance has neither a private nor a public IP address."
+            "Packet was dropped because the Cloud SQL instance has neither a private nor a public IP address.",
+            "Packet could be dropped because the Cloud function is not in an active status.",
+            "Packet could be dropped because no VPC connector is set.",
+            "Packet could be dropped because the VPC connector is not in a running state."
           ],
           "type": "string"
         },
@@ -919,6 +967,10 @@
       "description": "Source or destination of the Connectivity Test.",
       "id": "Endpoint",
       "properties": {
+        "cloudFunction": {
+          "$ref": "CloudFunctionEndpoint",
+          "description": "A [Cloud function](https://cloud.google.com/functions)."
+        },
         "cloudSqlInstance": {
           "description": "A [Cloud SQL](https://cloud.google.com/sql) instance URI.",
           "type": "string"
@@ -1047,13 +1099,15 @@
             "FIREWALL_RULE_TYPE_UNSPECIFIED",
             "HIERARCHICAL_FIREWALL_POLICY_RULE",
             "VPC_FIREWALL_RULE",
-            "IMPLIED_VPC_FIREWALL_RULE"
+            "IMPLIED_VPC_FIREWALL_RULE",
+            "SERVERLESS_VPC_ACCESS_MANAGED_FIREWALL_RULE"
           ],
           "enumDescriptions": [
             "Unspecified type.",
             "Hierarchical firewall policy rule. For details, see [Hierarchical firewall policies overview](https://cloud.google.com/vpc/docs/firewall-policies).",
             "VPC firewall rule. For details, see [VPC firewall rules overview](https://cloud.google.com/vpc/docs/firewalls).",
-            "Implied VPC firewall rule. For details, see [Implied rules](https://cloud.google.com/vpc/docs/firewalls#default_firewall_rules)."
+            "Implied VPC firewall rule. For details, see [Implied rules](https://cloud.google.com/vpc/docs/firewalls#default_firewall_rules).",
+            "Implicit firewall rules that are managed by serverless VPC access to allow ingress access. They are not visible in the Google Cloud console. For details, see [VPC connector's implicit rules](https://cloud.google.com/functions/docs/networking/connecting-vpc#restrict-access)."
           ],
           "type": "string"
         },
@@ -1735,6 +1789,10 @@
           "description": "This is a step that leads to the final state Drop.",
           "type": "boolean"
         },
+        "cloudFunction": {
+          "$ref": "CloudFunctionInfo",
+          "description": "Display information of a Cloud function."
+        },
         "cloudSqlInstance": {
           "$ref": "CloudSQLInstanceInfo",
           "description": "Display information of a Cloud SQL instance."
@@ -1800,6 +1858,7 @@
             "START_FROM_PRIVATE_NETWORK",
             "START_FROM_GKE_MASTER",
             "START_FROM_CLOUD_SQL_INSTANCE",
+            "START_FROM_CLOUD_FUNCTION",
             "APPLY_INGRESS_FIREWALL_RULE",
             "APPLY_EGRESS_FIREWALL_RULE",
             "APPLY_ROUTE",
@@ -1810,6 +1869,7 @@
             "ARRIVE_AT_EXTERNAL_LOAD_BALANCER",
             "ARRIVE_AT_VPN_GATEWAY",
             "ARRIVE_AT_VPN_TUNNEL",
+            "ARRIVE_AT_VPC_CONNECTOR",
             "NAT",
             "PROXY_CONNECTION",
             "DELIVER",
@@ -1825,6 +1885,7 @@
             "Initial state: packet originating from a VPC or on-premises network with internal source IP. If the source is a VPC network visible to the user, a NetworkInfo is populated with details of the network.",
             "Initial state: packet originating from a Google Kubernetes Engine cluster master. A GKEMasterInfo is populated with starting instance information.",
             "Initial state: packet originating from a Cloud SQL instance. A CloudSQLInstanceInfo is populated with starting instance information.",
+            "Initial state: packet originating from a Cloud function. A CloudFunctionInfo is populated with starting function information.",
             "Config checking state: verify ingress firewall rule.",
             "Config checking state: verify egress firewall rule.",
             "Config checking state: verify route.",
@@ -1835,6 +1896,7 @@
             "Forwarding state: arriving at a Compute Engine external load balancer.",
             "Forwarding state: arriving at a Cloud VPN gateway.",
             "Forwarding state: arriving at a Cloud VPN tunnel.",
+            "Forwarding state: arriving at a VPC connector.",
             "Transition state: packet header translated.",
             "Transition state: original connection is terminated and a new proxied connection is initiated.",
             "Final state: packet could be delivered.",
@@ -1845,6 +1907,10 @@
           ],
           "type": "string"
         },
+        "vpcConnector": {
+          "$ref": "VpcConnectorInfo",
+          "description": "Display information of a VPC connector."
+        },
         "vpnGateway": {
           "$ref": "VpnGatewayInfo",
           "description": "Display information of a Compute Engine VPN gateway."
@@ -1902,6 +1968,25 @@
       },
       "type": "object"
     },
+    "VpcConnectorInfo": {
+      "description": "For display only. Metadata associated with a VPC connector.",
+      "id": "VpcConnectorInfo",
+      "properties": {
+        "displayName": {
+          "description": "Name of a VPC connector.",
+          "type": "string"
+        },
+        "location": {
+          "description": "Location in which the VPC connector is deployed.",
+          "type": "string"
+        },
+        "uri": {
+          "description": "URI of a VPC connector.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "VpnGatewayInfo": {
       "description": "For display only. Metadata associated with a Compute Engine VPN gateway.",
       "id": "VpnGatewayInfo",
diff --git a/googleapiclient/discovery_cache/documents/networkmanagement.v1beta1.json b/googleapiclient/discovery_cache/documents/networkmanagement.v1beta1.json
index 4e67cee9de6..a8fbc8631d8 100644
--- a/googleapiclient/discovery_cache/documents/networkmanagement.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/networkmanagement.v1beta1.json
@@ -591,7 +591,7 @@
       }
     }
   },
-  "revision": "20220707",
+  "revision": "20220812",
   "rootUrl": "https://networkmanagement.googleapis.com/",
   "schemas": {
     "AbortInfo": {
@@ -638,6 +638,13 @@
           ],
           "type": "string"
         },
+        "projectsMissingPermission": {
+          "description": "List of project IDs that the user has specified in the request but does not have permission to access network configs. Analysis is aborted in this case with the PERMISSION_DENIED cause.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
         "resourceUri": {
           "description": "URI of the resource that caused the abort.",
           "type": "string"
@@ -645,29 +652,6 @@
       },
       "type": "object"
     },
-    "AppEngineVersionInfo": {
-      "description": "For display only. Metadata associated with an App Engine version.",
-      "id": "AppEngineVersionInfo",
-      "properties": {
-        "displayName": {
-          "description": "Name of an App Engine version.",
-          "type": "string"
-        },
-        "environment": {
-          "description": "App Engine execution environment for a version.",
-          "type": "string"
-        },
-        "runtime": {
-          "description": "Runtime of the App Engine version.",
-          "type": "string"
-        },
-        "uri": {
-          "description": "URI of an App Engine version.",
-          "type": "string"
-        }
-      },
-      "type": "object"
-    },
     "AuditConfig": {
       "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.",
       "id": "AuditConfig",
@@ -725,7 +709,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -948,12 +932,14 @@
             "VPC_CONNECTOR_NOT_SET",
             "VPC_CONNECTOR_NOT_RUNNING",
             "FORWARDING_RULE_REGION_MISMATCH",
-            "PSC_CONNECTION_NOT_ACCEPTED"
+            "PSC_CONNECTION_NOT_ACCEPTED",
+            "GKE_CLUSTER_NOT_RUNNING",
+            "CLOUD_SQL_INSTANCE_NOT_RUNNING"
           ],
           "enumDescriptions": [
             "Cause is unspecified.",
             "Destination external address cannot be resolved to a known target. If the address is used in a Google Cloud project, provide the project ID as test input.",
-            "a Compute Engine instance can only send or receive a packet with a foreign IP address if ip_forward is enabled.",
+            "A Compute Engine instance can only send or receive a packet with a foreign IP address if ip_forward is enabled.",
             "Dropped due to a firewall rule, unless allowed due to connection tracking.",
             "Dropped due to no routes.",
             "Dropped due to invalid route. Route's next hop is a blackhole.",
@@ -977,7 +963,9 @@
             "Packet could be dropped because no VPC connector is set.",
             "Packet could be dropped because the VPC connector is not in a running state.",
             "Packet could be dropped because it was sent from a different region to a regional forwarding without global access.",
-            "Privte Service Connect (PSC) connection is not in accepted state."
+            "Privte Service Connect (PSC) connection is not in accepted state.",
+            "Packet sent from or to a GKE cluster that is not in running state.",
+            "Packet sent from or to a Cloud SQL instance that is not in running state."
           ],
           "type": "string"
         },
@@ -1146,14 +1134,16 @@
             "HIERARCHICAL_FIREWALL_POLICY_RULE",
             "VPC_FIREWALL_RULE",
             "IMPLIED_VPC_FIREWALL_RULE",
-            "SERVERLESS_VPC_ACCESS_MANAGED_FIREWALL_RULE"
+            "SERVERLESS_VPC_ACCESS_MANAGED_FIREWALL_RULE",
+            "NETWORK_FIREWALL_POLICY_RULE"
           ],
           "enumDescriptions": [
             "Unspecified type.",
             "Hierarchical firewall policy rule. For details, see [Hierarchical firewall policies overview](https://cloud.google.com/vpc/docs/firewall-policies).",
             "VPC firewall rule. For details, see [VPC firewall rules overview](https://cloud.google.com/vpc/docs/firewalls).",
             "Implied VPC firewall rule. For details, see [Implied rules](https://cloud.google.com/vpc/docs/firewalls#default_firewall_rules).",
-            "Implicit firewall rules that are managed by serverless VPC access to allow ingress access. They are not visible in the Google Cloud console. For details, see [VPC connector's implicit rules](https://cloud.google.com/functions/docs/networking/connecting-vpc#restrict-access)."
+            "Implicit firewall rules that are managed by serverless VPC access to allow ingress access. They are not visible in the Google Cloud console. For details, see [VPC connector's implicit rules](https://cloud.google.com/functions/docs/networking/connecting-vpc#restrict-access).",
+            "Global network firewall policy rule."
           ],
           "type": "string"
         },
@@ -1208,7 +1198,8 @@
             "INTERCONNECT",
             "GKE_MASTER",
             "IMPORTED_CUSTOM_ROUTE_NEXT_HOP",
-            "CLOUD_SQL_INSTANCE"
+            "CLOUD_SQL_INSTANCE",
+            "ANOTHER_PROJECT"
           ],
           "enumDescriptions": [
             "Target not specified.",
@@ -1217,7 +1208,8 @@
             "Forwarded to a Cloud Interconnect connection.",
             "Forwarded to a Google Kubernetes Engine Container cluster master.",
             "Forwarded to the next hop of a custom route imported from a peering VPC.",
-            "Forwarded to a Cloud SQL instance."
+            "Forwarded to a Cloud SQL instance.",
+            "Forwarded to a VPC network in another project."
           ],
           "type": "string"
         }
@@ -1932,10 +1924,6 @@
           "$ref": "AbortInfo",
           "description": "Display information of the final state \"abort\" and reason."
         },
-        "appEngineVersion": {
-          "$ref": "AppEngineVersionInfo",
-          "description": "Display information of an App Engine service version."
-        },
         "causesDrop": {
           "description": "This is a step that leads to the final state Drop.",
           "type": "boolean"
@@ -2010,7 +1998,6 @@
             "START_FROM_GKE_MASTER",
             "START_FROM_CLOUD_SQL_INSTANCE",
             "START_FROM_CLOUD_FUNCTION",
-            "START_FROM_APP_ENGINE_VERSION",
             "APPLY_INGRESS_FIREWALL_RULE",
             "APPLY_EGRESS_FIREWALL_RULE",
             "APPLY_ROUTE",
@@ -2038,7 +2025,6 @@
             "Initial state: packet originating from a Google Kubernetes Engine cluster master. A GKEMasterInfo is populated with starting instance information.",
             "Initial state: packet originating from a Cloud SQL instance. A CloudSQLInstanceInfo is populated with starting instance information.",
             "Initial state: packet originating from a Cloud function. A CloudFunctionInfo is populated with starting function information.",
-            "Initial state: packet originating from an App Engine service version. An AppEngineVersionInfo is populated with starting version information.",
             "Config checking state: verify ingress firewall rule.",
             "Config checking state: verify egress firewall rule.",
             "Config checking state: verify route.",
diff --git a/googleapiclient/discovery_cache/documents/networkservices.v1.json b/googleapiclient/discovery_cache/documents/networkservices.v1.json
index 4d2820e170c..ec8c64fea7d 100644
--- a/googleapiclient/discovery_cache/documents/networkservices.v1.json
+++ b/googleapiclient/discovery_cache/documents/networkservices.v1.json
@@ -2148,7 +2148,7 @@
       }
     }
   },
-  "revision": "20220802",
+  "revision": "20220809",
   "rootUrl": "https://networkservices.googleapis.com/",
   "schemas": {
     "AuditConfig": {
@@ -2208,7 +2208,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/networkservices.v1beta1.json b/googleapiclient/discovery_cache/documents/networkservices.v1beta1.json
index a310b316d7f..8d63c91b7c3 100644
--- a/googleapiclient/discovery_cache/documents/networkservices.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/networkservices.v1beta1.json
@@ -1875,7 +1875,7 @@
       }
     }
   },
-  "revision": "20220802",
+  "revision": "20220809",
   "rootUrl": "https://networkservices.googleapis.com/",
   "schemas": {
     "AuditConfig": {
@@ -1935,7 +1935,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/ondemandscanning.v1.json b/googleapiclient/discovery_cache/documents/ondemandscanning.v1.json
index 00f37f8f444..24a68d4ee32 100644
--- a/googleapiclient/discovery_cache/documents/ondemandscanning.v1.json
+++ b/googleapiclient/discovery_cache/documents/ondemandscanning.v1.json
@@ -339,7 +339,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://ondemandscanning.googleapis.com/",
   "schemas": {
     "AliasContext": {
diff --git a/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json b/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json
index 1c12a342de2..17ec89776e4 100644
--- a/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json
@@ -339,7 +339,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://ondemandscanning.googleapis.com/",
   "schemas": {
     "AliasContext": {
diff --git a/googleapiclient/discovery_cache/documents/orgpolicy.v2.json b/googleapiclient/discovery_cache/documents/orgpolicy.v2.json
index 3a4584e5a6a..a9b2a7c4b6a 100644
--- a/googleapiclient/discovery_cache/documents/orgpolicy.v2.json
+++ b/googleapiclient/discovery_cache/documents/orgpolicy.v2.json
@@ -362,6 +362,152 @@
             }
           }
         },
+        "customConstraints": {
+          "methods": {
+            "create": {
+              "description": "Creates a CustomConstraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the organization does not exist. Returns a `google.rpc.Status` with `google.rpc.Code.ALREADY_EXISTS` if the constraint already exists on the given organization.",
+              "flatPath": "v2/organizations/{organizationsId}/customConstraints",
+              "httpMethod": "POST",
+              "id": "orgpolicy.organizations.customConstraints.create",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "parent": {
+                  "description": "Required. Must be in the following form: * `organizations/{organization_id}`",
+                  "location": "path",
+                  "pattern": "^organizations/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/customConstraints",
+              "request": {
+                "$ref": "GoogleCloudOrgpolicyV2CustomConstraint"
+              },
+              "response": {
+                "$ref": "GoogleCloudOrgpolicyV2CustomConstraint"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "delete": {
+              "description": "Deletes a Custom Constraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the constraint does not exist.",
+              "flatPath": "v2/organizations/{organizationsId}/customConstraints/{customConstraintsId}",
+              "httpMethod": "DELETE",
+              "id": "orgpolicy.organizations.customConstraints.delete",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. Name of the custom constraint to delete. See `CustomConstraint` for naming rules.",
+                  "location": "path",
+                  "pattern": "^organizations/[^/]+/customConstraints/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleProtobufEmpty"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "get": {
+              "description": "Gets a CustomConstraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the CustomConstraint does not exist.",
+              "flatPath": "v2/organizations/{organizationsId}/customConstraints/{customConstraintsId}",
+              "httpMethod": "GET",
+              "id": "orgpolicy.organizations.customConstraints.get",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. Resource name of the custom constraint. See `CustomConstraint` for naming requirements.",
+                  "location": "path",
+                  "pattern": "^organizations/[^/]+/customConstraints/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "response": {
+                "$ref": "GoogleCloudOrgpolicyV2CustomConstraint"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "list": {
+              "description": "Retrieves all of the `CustomConstraints` that exist on a particular organization resource.",
+              "flatPath": "v2/organizations/{organizationsId}/customConstraints",
+              "httpMethod": "GET",
+              "id": "orgpolicy.organizations.customConstraints.list",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "pageSize": {
+                  "description": "Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "pageToken": {
+                  "description": "Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "Required. The target Cloud resource that parents the set of custom constraints that will be returned from this call. Must be in one of the following forms: * `organizations/{organization_id}`",
+                  "location": "path",
+                  "pattern": "^organizations/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+parent}/customConstraints",
+              "response": {
+                "$ref": "GoogleCloudOrgpolicyV2ListCustomConstraintsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "patch": {
+              "description": "Updates a Custom Constraint. Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the constraint does not exist. Note: the supplied policy will perform a full overwrite of all fields.",
+              "flatPath": "v2/organizations/{organizationsId}/customConstraints/{customConstraintsId}",
+              "httpMethod": "PATCH",
+              "id": "orgpolicy.organizations.customConstraints.patch",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` Example : \"organizations/123/customConstraints/custom.createOnlyE2TypeVms\"",
+                  "location": "path",
+                  "pattern": "^organizations/[^/]+/customConstraints/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v2/{+name}",
+              "request": {
+                "$ref": "GoogleCloudOrgpolicyV2CustomConstraint"
+              },
+              "response": {
+                "$ref": "GoogleCloudOrgpolicyV2CustomConstraint"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            }
+          }
+        },
         "policies": {
           "methods": {
             "create": {
@@ -751,7 +897,7 @@
       }
     }
   },
-  "revision": "20220809",
+  "revision": "20220821",
   "rootUrl": "https://orgpolicy.googleapis.com/",
   "schemas": {
     "GoogleCloudOrgpolicyV2AlternatePolicySpec": {
@@ -831,6 +977,69 @@
       },
       "type": "object"
     },
+    "GoogleCloudOrgpolicyV2CustomConstraint": {
+      "description": "A custom constraint defined by customers which can *only* be applied to the given resource types and organization. By creating a custom constraint, customers can applied policies of this custom constraint. *Creating a custom constraint itself does NOT apply any policy enforcement*.",
+      "id": "GoogleCloudOrgpolicyV2CustomConstraint",
+      "properties": {
+        "actionType": {
+          "description": "Allow or deny type.",
+          "enum": [
+            "ACTION_TYPE_UNSPECIFIED",
+            "ALLOW",
+            "DENY"
+          ],
+          "enumDescriptions": [
+            "Unspecified. Will results in user error.",
+            "Allowed action type.",
+            "Deny action type."
+          ],
+          "type": "string"
+        },
+        "condition": {
+          "description": "Org policy condition/expression. For example: `resource.instanceName.matches(\"[production|test]_.*_(\\d)+\")'` or, `resource.management.auto_upgrade == true`",
+          "type": "string"
+        },
+        "description": {
+          "description": "Detailed information about this custom policy constraint.",
+          "type": "string"
+        },
+        "displayName": {
+          "description": "One line display name for the UI.",
+          "type": "string"
+        },
+        "methodTypes": {
+          "description": "All the operations being applied for this constraint.",
+          "items": {
+            "enum": [
+              "METHOD_TYPE_UNSPECIFIED",
+              "CREATE",
+              "UPDATE",
+              "DELETE"
+            ],
+            "enumDescriptions": [
+              "Unspecified. Will results in user error.",
+              "Constraint applied when creating the resource.",
+              "Constraint applied when updating the resource.",
+              "Constraint applied when deleting the resource."
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "description": "Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` Example : \"organizations/123/customConstraints/custom.createOnlyE2TypeVms\"",
+          "type": "string"
+        },
+        "resourceTypes": {
+          "description": "Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : \"/\" Example: * `compute.googleapis.com/Instance`.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudOrgpolicyV2ListConstraintsResponse": {
       "description": "The response returned from the ListConstraints method.",
       "id": "GoogleCloudOrgpolicyV2ListConstraintsResponse",
@@ -849,6 +1058,24 @@
       },
       "type": "object"
     },
+    "GoogleCloudOrgpolicyV2ListCustomConstraintsResponse": {
+      "description": "The response returned from the ListCustomConstraints method. It will be empty if no `CustomConstraints` are set on the organization resource.",
+      "id": "GoogleCloudOrgpolicyV2ListCustomConstraintsResponse",
+      "properties": {
+        "customConstraints": {
+          "description": "All `CustomConstraints` that exist on the organization resource. It will be empty if no `CustomConstraints` are set.",
+          "items": {
+            "$ref": "GoogleCloudOrgpolicyV2CustomConstraint"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "Page token used to retrieve the next page. This is currently not used, but the server may at any point start supplying a valid token.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudOrgpolicyV2ListPoliciesResponse": {
       "description": "The response returned from the ListPolicies method. It will be empty if no `Policies` are set on the resource.",
       "id": "GoogleCloudOrgpolicyV2ListPoliciesResponse",
diff --git a/googleapiclient/discovery_cache/documents/osconfig.v1.json b/googleapiclient/discovery_cache/documents/osconfig.v1.json
index 8e1dcc9e87e..1a7a92befd4 100644
--- a/googleapiclient/discovery_cache/documents/osconfig.v1.json
+++ b/googleapiclient/discovery_cache/documents/osconfig.v1.json
@@ -1000,7 +1000,7 @@
       }
     }
   },
-  "revision": "20220725",
+  "revision": "20220730",
   "rootUrl": "https://osconfig.googleapis.com/",
   "schemas": {
     "AptSettings": {
diff --git a/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json b/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json
index f9a56c7404b..68d5fc5ed8b 100644
--- a/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json
@@ -684,7 +684,7 @@
       }
     }
   },
-  "revision": "20220725",
+  "revision": "20220730",
   "rootUrl": "https://osconfig.googleapis.com/",
   "schemas": {
     "CVSSv3": {
diff --git a/googleapiclient/discovery_cache/documents/osconfig.v1beta.json b/googleapiclient/discovery_cache/documents/osconfig.v1beta.json
index 7e8462b8234..1ee1d31bcf4 100644
--- a/googleapiclient/discovery_cache/documents/osconfig.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/osconfig.v1beta.json
@@ -689,7 +689,7 @@
       }
     }
   },
-  "revision": "20220725",
+  "revision": "20220730",
   "rootUrl": "https://osconfig.googleapis.com/",
   "schemas": {
     "AptRepository": {
diff --git a/googleapiclient/discovery_cache/documents/oslogin.v1.json b/googleapiclient/discovery_cache/documents/oslogin.v1.json
index c069e746bfe..d1fa08f19f6 100644
--- a/googleapiclient/discovery_cache/documents/oslogin.v1.json
+++ b/googleapiclient/discovery_cache/documents/oslogin.v1.json
@@ -343,7 +343,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://oslogin.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/oslogin.v1alpha.json b/googleapiclient/discovery_cache/documents/oslogin.v1alpha.json
index ad1cbe2c804..e0c67bf565a 100644
--- a/googleapiclient/discovery_cache/documents/oslogin.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/oslogin.v1alpha.json
@@ -403,7 +403,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://oslogin.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/oslogin.v1beta.json b/googleapiclient/discovery_cache/documents/oslogin.v1beta.json
index 25198f1dae6..38087e4a30d 100644
--- a/googleapiclient/discovery_cache/documents/oslogin.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/oslogin.v1beta.json
@@ -373,7 +373,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220813",
   "rootUrl": "https://oslogin.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json b/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json
index d7d0e506021..888bbfa5759 100644
--- a/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json
+++ b/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json
@@ -193,7 +193,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://pagespeedonline.googleapis.com/",
   "schemas": {
     "AuditRefs": {
diff --git a/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json b/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json
index 8192c39f0e5..99bfb7a0075 100644
--- a/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json
+++ b/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json
@@ -396,7 +396,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220822",
   "rootUrl": "https://paymentsresellersubscription.googleapis.com/",
   "schemas": {
     "GoogleCloudPaymentsResellerSubscriptionV1CancelSubscriptionRequest": {
diff --git a/googleapiclient/discovery_cache/documents/people.v1.json b/googleapiclient/discovery_cache/documents/people.v1.json
index c6adfbf3dd6..01523df5f27 100644
--- a/googleapiclient/discovery_cache/documents/people.v1.json
+++ b/googleapiclient/discovery_cache/documents/people.v1.json
@@ -1172,7 +1172,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220818",
   "rootUrl": "https://people.googleapis.com/",
   "schemas": {
     "Address": {
diff --git a/googleapiclient/discovery_cache/documents/playcustomapp.v1.json b/googleapiclient/discovery_cache/documents/playcustomapp.v1.json
index 7bdc2a6856b..99f875ee765 100644
--- a/googleapiclient/discovery_cache/documents/playcustomapp.v1.json
+++ b/googleapiclient/discovery_cache/documents/playcustomapp.v1.json
@@ -158,7 +158,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://playcustomapp.googleapis.com/",
   "schemas": {
     "CustomApp": {
diff --git a/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1alpha1.json b/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1alpha1.json
index da9e72c212d..2c70a93c2a5 100644
--- a/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1alpha1.json
@@ -718,7 +718,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://playdeveloperreporting.googleapis.com/",
   "schemas": {
     "GooglePlayDeveloperReportingV1alpha1Anomaly": {
diff --git a/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1beta1.json b/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1beta1.json
index f28e9d22f3b..e9846da24ca 100644
--- a/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/playdeveloperreporting.v1beta1.json
@@ -347,7 +347,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://playdeveloperreporting.googleapis.com/",
   "schemas": {
     "GooglePlayDeveloperReportingV1beta1Anomaly": {
diff --git a/googleapiclient/discovery_cache/documents/playintegrity.v1.json b/googleapiclient/discovery_cache/documents/playintegrity.v1.json
index 6a316bf2980..d52da096be8 100644
--- a/googleapiclient/discovery_cache/documents/playintegrity.v1.json
+++ b/googleapiclient/discovery_cache/documents/playintegrity.v1.json
@@ -138,13 +138,17 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://playintegrity.googleapis.com/",
   "schemas": {
     "AccountDetails": {
       "description": "Contains the account information such as the licensing status for the user in the scope.",
       "id": "AccountDetails",
       "properties": {
+        "accountRiskVerdict": {
+          "$ref": "AccountRiskVerdict",
+          "description": "Details about the account risk for the user in the scope. This feature is available only to selected developers."
+        },
         "appLicensingVerdict": {
           "description": "Required. Details about the licensing status of the user for the app in the scope.",
           "enum": [
@@ -164,6 +168,33 @@
       },
       "type": "object"
     },
+    "AccountRiskVerdict": {
+      "description": "Contains information about account risk that indicates if the current user session seems low risk, unknown, or risky before you allow important actions to proceed.",
+      "id": "AccountRiskVerdict",
+      "properties": {
+        "riskLevel": {
+          "description": "Required. Indicates the account risk level of the current user session.",
+          "enum": [
+            "RISK_LEVEL_UNSPECIFIED",
+            "RISK_LEVEL_UNEVALUATED",
+            "RISK_LEVEL_RISK",
+            "RISK_LEVEL_UNKNOWN",
+            "RISK_LEVEL_LOW_RISK",
+            "RISK_LEVEL_LOWEST_RISK"
+          ],
+          "enumDescriptions": [
+            "Risk level has not been set.",
+            "The account risk is not evaluated, because the device is not trusted or the user does not have a Play app license.",
+            "Play thinks that at least one of the user accounts on the device has some unusual store engagement behavior that could be risky.",
+            "Play does not have sufficient information to assess the risk. The account may be new, or it may lack activity on the Play Store.",
+            "Play thinks the user could be genuine, since there is some store engagement. However, some signals to support the trust level are missing.",
+            "Play thinks the user is more likely to be genuine due to harder to replicate store engagement signals."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "AppIntegrity": {
       "description": "Contains the application integrity information.",
       "id": "AppIntegrity",
diff --git a/googleapiclient/discovery_cache/documents/policyanalyzer.v1.json b/googleapiclient/discovery_cache/documents/policyanalyzer.v1.json
index 8cd5bd22d41..f8d0c85a9b5 100644
--- a/googleapiclient/discovery_cache/documents/policyanalyzer.v1.json
+++ b/googleapiclient/discovery_cache/documents/policyanalyzer.v1.json
@@ -163,7 +163,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://policyanalyzer.googleapis.com/",
   "schemas": {
     "GoogleCloudPolicyanalyzerV1Activity": {
diff --git a/googleapiclient/discovery_cache/documents/policyanalyzer.v1beta1.json b/googleapiclient/discovery_cache/documents/policyanalyzer.v1beta1.json
index b8a76646947..82b9d39f3dc 100644
--- a/googleapiclient/discovery_cache/documents/policyanalyzer.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/policyanalyzer.v1beta1.json
@@ -163,7 +163,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://policyanalyzer.googleapis.com/",
   "schemas": {
     "GoogleCloudPolicyanalyzerV1beta1Activity": {
diff --git a/googleapiclient/discovery_cache/documents/policysimulator.v1.json b/googleapiclient/discovery_cache/documents/policysimulator.v1.json
index 912dd6dec92..c6faeab2410 100644
--- a/googleapiclient/discovery_cache/documents/policysimulator.v1.json
+++ b/googleapiclient/discovery_cache/documents/policysimulator.v1.json
@@ -493,7 +493,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://policysimulator.googleapis.com/",
   "schemas": {
     "GoogleCloudPolicysimulatorV1AccessStateDiff": {
diff --git a/googleapiclient/discovery_cache/documents/policysimulator.v1beta1.json b/googleapiclient/discovery_cache/documents/policysimulator.v1beta1.json
index 7d55c48da09..6ad5c7fe21c 100644
--- a/googleapiclient/discovery_cache/documents/policysimulator.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/policysimulator.v1beta1.json
@@ -493,7 +493,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://policysimulator.googleapis.com/",
   "schemas": {
     "GoogleCloudPolicysimulatorV1Replay": {
diff --git a/googleapiclient/discovery_cache/documents/policytroubleshooter.v1.json b/googleapiclient/discovery_cache/documents/policytroubleshooter.v1.json
index ad13d69f0b9..8c830288678 100644
--- a/googleapiclient/discovery_cache/documents/policytroubleshooter.v1.json
+++ b/googleapiclient/discovery_cache/documents/policytroubleshooter.v1.json
@@ -128,7 +128,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://policytroubleshooter.googleapis.com/",
   "schemas": {
     "GoogleCloudPolicytroubleshooterV1AccessTuple": {
diff --git a/googleapiclient/discovery_cache/documents/policytroubleshooter.v1beta.json b/googleapiclient/discovery_cache/documents/policytroubleshooter.v1beta.json
index c086f1c88a0..ecd632d3afb 100644
--- a/googleapiclient/discovery_cache/documents/policytroubleshooter.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/policytroubleshooter.v1beta.json
@@ -128,7 +128,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://policytroubleshooter.googleapis.com/",
   "schemas": {
     "GoogleCloudPolicytroubleshooterV1betaAccessTuple": {
diff --git a/googleapiclient/discovery_cache/documents/privateca.v1.json b/googleapiclient/discovery_cache/documents/privateca.v1.json
index f6028f73732..24125f12878 100644
--- a/googleapiclient/discovery_cache/documents/privateca.v1.json
+++ b/googleapiclient/discovery_cache/documents/privateca.v1.json
@@ -1595,7 +1595,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220811",
   "rootUrl": "https://privateca.googleapis.com/",
   "schemas": {
     "AccessUrls": {
diff --git a/googleapiclient/discovery_cache/documents/privateca.v1beta1.json b/googleapiclient/discovery_cache/documents/privateca.v1beta1.json
index 1a02f29cec9..03c0f7d6061 100644
--- a/googleapiclient/discovery_cache/documents/privateca.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/privateca.v1beta1.json
@@ -1254,7 +1254,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220811",
   "rootUrl": "https://privateca.googleapis.com/",
   "schemas": {
     "AccessUrls": {
diff --git a/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json b/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json
index f7dc3016cc9..a5d6d0da9dc 100644
--- a/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json
@@ -2564,7 +2564,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220815",
   "rootUrl": "https://prod-tt-sasportal.googleapis.com/",
   "schemas": {
     "SasPortalAssignment": {
diff --git a/googleapiclient/discovery_cache/documents/pubsublite.v1.json b/googleapiclient/discovery_cache/documents/pubsublite.v1.json
index e048b5d8c8b..ea3203ad9a6 100644
--- a/googleapiclient/discovery_cache/documents/pubsublite.v1.json
+++ b/googleapiclient/discovery_cache/documents/pubsublite.v1.json
@@ -1040,7 +1040,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://pubsublite.googleapis.com/",
   "schemas": {
     "CancelOperationRequest": {
diff --git a/googleapiclient/discovery_cache/documents/realtimebidding.v1.json b/googleapiclient/discovery_cache/documents/realtimebidding.v1.json
index 6c54522c7ca..2c4c1b83816 100644
--- a/googleapiclient/discovery_cache/documents/realtimebidding.v1.json
+++ b/googleapiclient/discovery_cache/documents/realtimebidding.v1.json
@@ -1305,7 +1305,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220817",
   "rootUrl": "https://realtimebidding.googleapis.com/",
   "schemas": {
     "ActivatePretargetingConfigRequest": {
diff --git a/googleapiclient/discovery_cache/documents/realtimebidding.v1alpha.json b/googleapiclient/discovery_cache/documents/realtimebidding.v1alpha.json
index 57f0cdad01a..15ecdba2370 100644
--- a/googleapiclient/discovery_cache/documents/realtimebidding.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/realtimebidding.v1alpha.json
@@ -234,7 +234,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220817",
   "rootUrl": "https://realtimebidding.googleapis.com/",
   "schemas": {
     "ActivateBiddingFunctionRequest": {
diff --git a/googleapiclient/discovery_cache/documents/recaptchaenterprise.v1.json b/googleapiclient/discovery_cache/documents/recaptchaenterprise.v1.json
index 9e42a17743d..f1000aa699b 100644
--- a/googleapiclient/discovery_cache/documents/recaptchaenterprise.v1.json
+++ b/googleapiclient/discovery_cache/documents/recaptchaenterprise.v1.json
@@ -514,7 +514,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://recaptchaenterprise.googleapis.com/",
   "schemas": {
     "GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment": {
@@ -600,6 +600,8 @@
               "CHARGEBACK_DISPUTE",
               "REFUND",
               "REFUND_FRAUD",
+              "TRANSACTION_ACCEPTED",
+              "TRANSACTION_DECLINED",
               "PAYMENT_HEURISTICS",
               "INITIATED_TWO_FACTOR",
               "PASSED_TWO_FACTOR",
@@ -609,11 +611,13 @@
             ],
             "enumDescriptions": [
               "Default unspecified reason.",
-              "Indicates a chargeback issued for a transaction with no other details. When possible, specify the type by using CHARGEBACK_FRAUD or CHARGEBACK_DISPUTE instead.",
-              "Indicates a chargeback related to an alleged unauthorized transaction from the cardholder's perspective (for example, the card number was stolen).",
-              "Indicates a chargeback related to the cardholder having provided their card details but allegedly not being satisfied with the purchase (for example, misrepresentation, attempted cancellation).",
-              "Indicates a refund of the complete payment by the seller.",
-              "Indicates that a complete payment transaction was determined to be fraudulent by the seller, and was cancelled and refunded as a result.",
+              "Indicates that the transaction had a chargeback issued with no other details. When possible, specify the type by using CHARGEBACK_FRAUD or CHARGEBACK_DISPUTE instead.",
+              "Indicates that the transaction had a chargeback issued related to an alleged unauthorized transaction from the cardholder's perspective (for example, the card number was stolen).",
+              "Indicates that the transaction had a chargeback issued related to the cardholder having provided their card details but allegedly not being satisfied with the purchase (for example, misrepresentation, attempted cancellation).",
+              "Indicates that the completed payment transaction was refunded by the seller.",
+              "Indicates that the completed payment transaction was determined to be fraudulent by the seller, and was cancelled and refunded as a result.",
+              "Indicates that the payment transaction was accepted, and the user was charged.",
+              "Indicates that the payment transaction was declined, for example due to invalid card details.",
               "Indicates the transaction associated with the assessment is suspected of being fraudulent based on the payment method, billing details, shipping address or other transaction information.",
               "Indicates that the user was served a 2FA challenge. An old assessment with `ENUM_VALUES.INITIATED_TWO_FACTOR` reason that has not been overwritten with `PASSED_TWO_FACTOR` is treated as an abandoned 2FA flow. This is equivalent to `FAILED_TWO_FACTOR`.",
               "Indicates that the user passed a 2FA challenge.",
diff --git a/googleapiclient/discovery_cache/documents/recommendationengine.v1beta1.json b/googleapiclient/discovery_cache/documents/recommendationengine.v1beta1.json
index 7c150eb8e09..29bab347149 100644
--- a/googleapiclient/discovery_cache/documents/recommendationengine.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/recommendationengine.v1beta1.json
@@ -841,7 +841,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220812",
   "rootUrl": "https://recommendationengine.googleapis.com/",
   "schemas": {
     "GoogleApiHttpBody": {
diff --git a/googleapiclient/discovery_cache/documents/recommender.v1.json b/googleapiclient/discovery_cache/documents/recommender.v1.json
index 8c0dbe26ba0..cf7e8bd3526 100644
--- a/googleapiclient/discovery_cache/documents/recommender.v1.json
+++ b/googleapiclient/discovery_cache/documents/recommender.v1.json
@@ -1442,7 +1442,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220815",
   "rootUrl": "https://recommender.googleapis.com/",
   "schemas": {
     "GoogleCloudRecommenderV1CostProjection": {
diff --git a/googleapiclient/discovery_cache/documents/recommender.v1beta1.json b/googleapiclient/discovery_cache/documents/recommender.v1beta1.json
index b7d7b569056..acd2c5b37b1 100644
--- a/googleapiclient/discovery_cache/documents/recommender.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/recommender.v1beta1.json
@@ -1442,7 +1442,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220815",
   "rootUrl": "https://recommender.googleapis.com/",
   "schemas": {
     "GoogleCloudRecommenderV1beta1CostProjection": {
diff --git a/googleapiclient/discovery_cache/documents/resourcesettings.v1.json b/googleapiclient/discovery_cache/documents/resourcesettings.v1.json
index 3d91859cb25..aca3d0c17b1 100644
--- a/googleapiclient/discovery_cache/documents/resourcesettings.v1.json
+++ b/googleapiclient/discovery_cache/documents/resourcesettings.v1.json
@@ -499,7 +499,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://resourcesettings.googleapis.com/",
   "schemas": {
     "GoogleCloudResourcesettingsV1ListSettingsResponse": {
diff --git a/googleapiclient/discovery_cache/documents/retail.v2.json b/googleapiclient/discovery_cache/documents/retail.v2.json
index f7da5ac7a8e..29c51233321 100644
--- a/googleapiclient/discovery_cache/documents/retail.v2.json
+++ b/googleapiclient/discovery_cache/documents/retail.v2.json
@@ -112,7 +112,7 @@
             "catalogs": {
               "methods": {
                 "completeQuery": {
-                  "description": "Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                  "description": "Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                   "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:completeQuery",
                   "httpMethod": "GET",
                   "id": "retail.projects.locations.catalogs.completeQuery",
@@ -203,7 +203,7 @@
                   ],
                   "parameters": {
                     "name": {
-                      "description": "Required. Full CompletionConfig resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig",
+                      "description": "Required. Full CompletionConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/completionConfig$",
                       "required": true,
@@ -468,6 +468,34 @@
                       "scopes": [
                         "https://www.googleapis.com/auth/cloud-platform"
                       ]
+                    },
+                    "replaceCatalogAttribute": {
+                      "description": "Replaces the specified CatalogAttribute in the AttributesConfig by updating the catalog attribute with the same CatalogAttribute.key. If the CatalogAttribute to replace does not exist, a NOT_FOUND error is returned.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig:replaceCatalogAttribute",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.attributesConfig.replaceCatalogAttribute",
+                      "parameterOrder": [
+                        "attributesConfig"
+                      ],
+                      "parameters": {
+                        "attributesConfig": {
+                          "description": "Required. Full AttributesConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/attributesConfig`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/attributesConfig$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+attributesConfig}:replaceCatalogAttribute",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2ReplaceCatalogAttributeRequest"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2AttributesConfig"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
                     }
                   }
                 },
@@ -505,7 +533,7 @@
                     "products": {
                       "methods": {
                         "addFulfillmentPlaces": {
-                          "description": "Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addFulfillmentPlaces",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.addFulfillmentPlaces",
@@ -533,7 +561,7 @@
                           ]
                         },
                         "addLocalInventories": {
-                          "description": "Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addLocalInventories",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.addLocalInventories",
@@ -758,7 +786,7 @@
                           ]
                         },
                         "removeFulfillmentPlaces": {
-                          "description": "Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeFulfillmentPlaces",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.removeFulfillmentPlaces",
@@ -786,7 +814,7 @@
                           ]
                         },
                         "removeLocalInventories": {
-                          "description": "Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeLocalInventories",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.removeLocalInventories",
@@ -814,7 +842,7 @@
                           ]
                         },
                         "setInventory": {
-                          "description": "Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:setInventory",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.setInventory",
@@ -848,7 +876,7 @@
                 "completionData": {
                   "methods": {
                     "import": {
-                      "description": "Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/completionData:import",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.completionData.import",
@@ -877,6 +905,168 @@
                     }
                   }
                 },
+                "controls": {
+                  "methods": {
+                    "create": {
+                      "description": "Creates a Control. If the Control to create already exists, an ALREADY_EXISTS error is returned.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.controls.create",
+                      "parameterOrder": [
+                        "parent"
+                      ],
+                      "parameters": {
+                        "controlId": {
+                          "description": "Required. The ID to use for the Control, which will become the final component of the Control's resource name. This value should be 4-63 characters, and valid characters are /a-z-_/.",
+                          "location": "query",
+                          "type": "string"
+                        },
+                        "parent": {
+                          "description": "Required. Full resource name of parent catalog. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+parent}/controls",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2Control"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2Control"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "delete": {
+                      "description": "Deletes a Control. If the Control to delete does not exist, a NOT_FOUND error is returned.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls/{controlsId}",
+                      "httpMethod": "DELETE",
+                      "id": "retail.projects.locations.catalogs.controls.delete",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The resource name of the Control to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/controls/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+name}",
+                      "response": {
+                        "$ref": "GoogleProtobufEmpty"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "get": {
+                      "description": "Gets a Control.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls/{controlsId}",
+                      "httpMethod": "GET",
+                      "id": "retail.projects.locations.catalogs.controls.get",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The resource name of the Control to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/controls/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+name}",
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2Control"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "list": {
+                      "description": "Lists all Controls by their parent Catalog.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls",
+                      "httpMethod": "GET",
+                      "id": "retail.projects.locations.catalogs.controls.list",
+                      "parameterOrder": [
+                        "parent"
+                      ],
+                      "parameters": {
+                        "filter": {
+                          "description": "Optional. A filter to apply on the list results. Supported features: * List all the products under the parent branch if filter is unset. * List controls that are used in a single ServingConfig: 'serving_config = \"boosted_home_page_cvr\"'",
+                          "location": "query",
+                          "type": "string"
+                        },
+                        "pageSize": {
+                          "description": "Optional. Maximum number of results to return. If unspecified, defaults to 50. Max allowed value is 1000.",
+                          "format": "int32",
+                          "location": "query",
+                          "type": "integer"
+                        },
+                        "pageToken": {
+                          "description": "Optional. A page token, received from a previous `ListControls` call. Provide this to retrieve the subsequent page.",
+                          "location": "query",
+                          "type": "string"
+                        },
+                        "parent": {
+                          "description": "Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+parent}/controls",
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2ListControlsResponse"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "patch": {
+                      "description": "Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls/{controlsId}",
+                      "httpMethod": "PATCH",
+                      "id": "retail.projects.locations.catalogs.controls.patch",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/controls/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "updateMask": {
+                          "description": "Indicates which fields in the provided Control to update. The following are NOT supported: * Control.name If not set or empty, all supported fields are updated.",
+                          "format": "google-fieldmask",
+                          "location": "query",
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+name}",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2Control"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2Control"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    }
+                  }
+                },
                 "operations": {
                   "methods": {
                     "get": {
@@ -978,7 +1168,7 @@
                       ]
                     },
                     "search": {
-                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:search",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.placements.search",
@@ -1009,6 +1199,187 @@
                 },
                 "servingConfigs": {
                   "methods": {
+                    "addControl": {
+                      "description": "Enables a Control on the specified ServingConfig. The control is added in the last position of the list of controls it belongs to (e.g. if it's a facet spec control it will be applied in the last position of servingConfig.facetSpecIds) Returns a ALREADY_EXISTS error if the control has already been applied. Returns a FAILED_PRECONDITION error if the addition could exceed maximum number of control allowed for that type of control.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:addControl",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.servingConfigs.addControl",
+                      "parameterOrder": [
+                        "servingConfig"
+                      ],
+                      "parameters": {
+                        "servingConfig": {
+                          "description": "Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+servingConfig}:addControl",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2AddControlRequest"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2ServingConfig"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "create": {
+                      "description": "Creates a ServingConfig. A maximum of 100 ServingConfigs are allowed in a Catalog, otherwise a FAILED_PRECONDITION error is returned.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.servingConfigs.create",
+                      "parameterOrder": [
+                        "parent"
+                      ],
+                      "parameters": {
+                        "parent": {
+                          "description": "Required. Full resource name of parent. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "servingConfigId": {
+                          "description": "Required. The ID to use for the ServingConfig, which will become the final component of the ServingConfig's resource name. This value should be 4-63 characters, and valid characters are /a-z-_/.",
+                          "location": "query",
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+parent}/servingConfigs",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2ServingConfig"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2ServingConfig"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "delete": {
+                      "description": "Deletes a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}",
+                      "httpMethod": "DELETE",
+                      "id": "retail.projects.locations.catalogs.servingConfigs.delete",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The resource name of the ServingConfig to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+name}",
+                      "response": {
+                        "$ref": "GoogleProtobufEmpty"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "get": {
+                      "description": "Gets a ServingConfig. Returns a NotFound error if the ServingConfig does not exist.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}",
+                      "httpMethod": "GET",
+                      "id": "retail.projects.locations.catalogs.servingConfigs.get",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The resource name of the ServingConfig to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+name}",
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2ServingConfig"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "list": {
+                      "description": "Lists all ServingConfigs linked to this catalog.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs",
+                      "httpMethod": "GET",
+                      "id": "retail.projects.locations.catalogs.servingConfigs.list",
+                      "parameterOrder": [
+                        "parent"
+                      ],
+                      "parameters": {
+                        "pageSize": {
+                          "description": "Optional. Maximum number of results to return. If unspecified, defaults to 100. If a value greater than 100 is provided, at most 100 results are returned.",
+                          "format": "int32",
+                          "location": "query",
+                          "type": "integer"
+                        },
+                        "pageToken": {
+                          "description": "Optional. A page token, received from a previous `ListServingConfigs` call. Provide this to retrieve the subsequent page.",
+                          "location": "query",
+                          "type": "string"
+                        },
+                        "parent": {
+                          "description": "Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+parent}/servingConfigs",
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2ListServingConfigsResponse"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "patch": {
+                      "description": "Updates a ServingConfig.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}",
+                      "httpMethod": "PATCH",
+                      "id": "retail.projects.locations.catalogs.servingConfigs.patch",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "updateMask": {
+                          "description": "Indicates which fields in the provided ServingConfig to update. The following are NOT supported: * ServingConfig.name If not set, all supported fields are updated.",
+                          "format": "google-fieldmask",
+                          "location": "query",
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+name}",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2ServingConfig"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2ServingConfig"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
                     "predict": {
                       "description": "Makes a recommendation prediction.",
                       "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:predict",
@@ -1037,8 +1408,36 @@
                         "https://www.googleapis.com/auth/cloud-platform"
                       ]
                     },
+                    "removeControl": {
+                      "description": "Disables a Control on the specified ServingConfig. The control is removed from the ServingConfig. Returns a NOT_FOUND error if the Control is not enabled for the ServingConfig.",
+                      "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:removeControl",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.servingConfigs.removeControl",
+                      "parameterOrder": [
+                        "servingConfig"
+                      ],
+                      "parameters": {
+                        "servingConfig": {
+                          "description": "Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2/{+servingConfig}:removeControl",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2RemoveControlRequest"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2ServingConfig"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
                     "search": {
-                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:search",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.servingConfigs.search",
@@ -1111,7 +1510,7 @@
                       ]
                     },
                     "import": {
-                      "description": "Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.",
+                      "description": "Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.",
                       "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:import",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.userEvents.import",
@@ -1167,7 +1566,7 @@
                       ]
                     },
                     "rejoin": {
-                      "description": "Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.",
+                      "description": "Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.",
                       "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:rejoin",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.userEvents.rejoin",
@@ -1371,7 +1770,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220822",
   "rootUrl": "https://retail.googleapis.com/",
   "schemas": {
     "GoogleApiHttpBody": {
@@ -1535,6 +1934,17 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2AddControlRequest": {
+      "description": "Request for AddControl method.",
+      "id": "GoogleCloudRetailV2AddControlRequest",
+      "properties": {
+        "controlId": {
+          "description": "Required. The id of the control to apply. Assumed to be in the same catalog as the serving config - if id is not found a NOT_FOUND error is returned.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2AddFulfillmentPlacesMetadata": {
       "description": "Metadata related to the progress of the AddFulfillmentPlaces operation. Currently empty because there is no meaningful metadata populated from the ProductService.AddFulfillmentPlaces method.",
       "id": "GoogleCloudRetailV2AddFulfillmentPlacesMetadata",
@@ -1944,14 +2354,128 @@
           "description": "Completion attribution token in CompleteQueryResponse.attribution_token.",
           "type": "string"
         },
-        "selectedPosition": {
-          "description": "End user selected CompleteQueryResponse.CompletionResult.suggestion position, starting from 0.",
-          "format": "int32",
-          "type": "integer"
+        "selectedPosition": {
+          "description": "End user selected CompleteQueryResponse.CompletionResult.suggestion position, starting from 0.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "selectedSuggestion": {
+          "description": "End user selected CompleteQueryResponse.CompletionResult.suggestion.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2Condition": {
+      "description": "Metadata that is used to define a condition that triggers an action. A valid condition must specify at least one of 'query_terms' or 'products_filter'. If multiple fields are specified, the condition is met if all the fields are satisfied e.g. if a set of query terms and product_filter are set, then only items matching the product_filter for requests with a query matching the query terms wil get boosted.",
+      "id": "GoogleCloudRetailV2Condition",
+      "properties": {
+        "activeTimeRange": {
+          "description": "Range of time(s) specifying when Condition is active. Condition true if any time range matches.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2ConditionTimeRange"
+          },
+          "type": "array"
+        },
+        "queryTerms": {
+          "description": "A list (up to 10 entries) of terms to match the query on. If not specified, match all queries. If many query terms are specified, the condition is matched if any of the terms is a match (i.e. using the OR operator).",
+          "items": {
+            "$ref": "GoogleCloudRetailV2ConditionQueryTerm"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2ConditionQueryTerm": {
+      "description": "Query terms that we want to match on.",
+      "id": "GoogleCloudRetailV2ConditionQueryTerm",
+      "properties": {
+        "fullMatch": {
+          "description": "Whether this is supposed to be a full or partial match.",
+          "type": "boolean"
+        },
+        "value": {
+          "description": "The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, \"a b c\" is 3 terms and allowed, but \" a b c d\" is 4 terms and not allowed for a partial match.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2ConditionTimeRange": {
+      "description": "Used for time-dependent conditions. Example: Want to have rule applied for week long sale.",
+      "id": "GoogleCloudRetailV2ConditionTimeRange",
+      "properties": {
+        "endTime": {
+          "description": "End of time range. Range is inclusive.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "startTime": {
+          "description": "Start of time range. Range is inclusive.",
+          "format": "google-datetime",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2Control": {
+      "description": "Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.",
+      "id": "GoogleCloudRetailV2Control",
+      "properties": {
+        "associatedServingConfigIds": {
+          "description": "Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true,
+          "type": "array"
+        },
+        "displayName": {
+          "description": "Required. The human readable control display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown.",
+          "type": "string"
         },
-        "selectedSuggestion": {
-          "description": "End user selected CompleteQueryResponse.CompletionResult.suggestion.",
+        "name": {
+          "description": "Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`",
           "type": "string"
+        },
+        "rule": {
+          "$ref": "GoogleCloudRetailV2Rule",
+          "description": "A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost \"gShoe\" when query full matches \"Running Shoes\"."
+        },
+        "searchSolutionUseCase": {
+          "description": "Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.",
+          "items": {
+            "enum": [
+              "SEARCH_SOLUTION_USE_CASE_UNSPECIFIED",
+              "SEARCH_SOLUTION_USE_CASE_SEARCH",
+              "SEARCH_SOLUTION_USE_CASE_BROWSE"
+            ],
+            "enumDescriptions": [
+              "The value when it's unspecified. In this case, server behavior defaults to SEARCH_SOLUTION_USE_CASE_SEARCH.",
+              "Search use case. Expects the traffic has a non-empty query.",
+              "Browse use case. Expects the traffic has an empty query."
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "solutionTypes": {
+          "description": "Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "enum": [
+              "SOLUTION_TYPE_UNSPECIFIED",
+              "SOLUTION_TYPE_RECOMMENDATION",
+              "SOLUTION_TYPE_SEARCH"
+            ],
+            "enumDescriptions": [
+              "Default value.",
+              "Used for Recommendations AI.",
+              "Used for Retail Search."
+            ],
+            "type": "string"
+          },
+          "type": "array"
         }
       },
       "type": "object"
@@ -2005,11 +2529,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2GcsSource": {
-      "description": "Google Cloud Storage location for input content. format.",
+      "description": "Google Cloud Storage location for input content.",
       "id": "GoogleCloudRetailV2GcsSource",
       "properties": {
         "dataSchema": {
-          "description": "The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.",
+          "description": "The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.",
           "type": "string"
         },
         "inputUris": {
@@ -2072,7 +2596,7 @@
           "description": "Required. The desired input location of the data."
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         }
       },
@@ -2097,14 +2621,14 @@
       "id": "GoogleCloudRetailV2ImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2ImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2ImportMetadata",
       "properties": {
         "createTime": {
@@ -2118,7 +2642,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -2151,7 +2675,7 @@
           "description": "Required. The desired input location of the data."
         },
         "notificationPubsubTopic": {
-          "description": "Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.",
+          "description": "Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.",
           "type": "string"
         },
         "reconciliationMode": {
@@ -2173,7 +2697,7 @@
           "type": "string"
         },
         "updateMask": {
-          "description": "Indicates which fields in the provided imported 'products' to update. If not set, will by default update all fields.",
+          "description": "Indicates which fields in the provided imported `products` to update. If not set, all fields are updated.",
           "format": "google-fieldmask",
           "type": "string"
         }
@@ -2280,6 +2804,24 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2ListControlsResponse": {
+      "description": "Response for ListControls method.",
+      "id": "GoogleCloudRetailV2ListControlsResponse",
+      "properties": {
+        "controls": {
+          "description": "All the Controls for a given catalog.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2Control"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "Pagination token, if not returned indicates the last page.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2ListProductsResponse": {
       "description": "Response message for ProductService.ListProducts method.",
       "id": "GoogleCloudRetailV2ListProductsResponse",
@@ -2298,6 +2840,24 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2ListServingConfigsResponse": {
+      "description": "Response for ListServingConfigs method.",
+      "id": "GoogleCloudRetailV2ListServingConfigsResponse",
+      "properties": {
+        "nextPageToken": {
+          "description": "Pagination token, if not returned indicates the last page.",
+          "type": "string"
+        },
+        "servingConfigs": {
+          "description": "All the ServingConfigs for a given catalog.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2ServingConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2LocalInventory": {
       "description": "The inventory information at a place (e.g. a store) identified by a place ID.",
       "id": "GoogleCloudRetailV2LocalInventory",
@@ -2523,7 +3083,7 @@
           "type": "array"
         },
         "categories": {
-          "description": "Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both [\"Shoes & Accessories\" -> \"Shoes\"] and [\"Sports & Fitness\" -> \"Athletic Clothing\" -> \"Shoes\"], it could be represented as: \"categories\": [ \"Shoes & Accessories > Shoes\", \"Sports & Fitness > Athletic Clothing > Shoes\" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436",
+          "description": "Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both [\"Shoes & Accessories\" -> \"Shoes\"] and [\"Sports & Fitness\" -> \"Athletic Clothing\" -> \"Shoes\"], it could be represented as: \"categories\": [ \"Shoes & Accessories > Shoes\", \"Sports & Fitness > Athletic Clothing > Shoes\" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436",
           "items": {
             "type": "string"
           },
@@ -2582,6 +3142,14 @@
           "description": "Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to \"en-US\" if unset.",
           "type": "string"
         },
+        "localInventories": {
+          "description": "Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2LocalInventory"
+          },
+          "readOnly": true,
+          "type": "array"
+        },
         "materials": {
           "description": "The material of the product. For example, \"leather\", \"wooden\". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).",
           "items": {
@@ -2847,7 +3415,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2RejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2RejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
@@ -2857,7 +3425,7 @@
       "id": "GoogleCloudRetailV2RejoinUserEventsRequest",
       "properties": {
         "userEventRejoinScope": {
-          "description": "The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to USER_EVENT_REJOIN_SCOPE_UNSPECIFIED if this field is not set, or set to an invalid integer value.",
+          "description": "The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is not set, or set to an invalid integer value.",
           "enum": [
             "USER_EVENT_REJOIN_SCOPE_UNSPECIFIED",
             "JOINED_EVENTS",
@@ -2874,7 +3442,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2RejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2RejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
@@ -2896,6 +3464,17 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2RemoveControlRequest": {
+      "description": "Request for RemoveControl method.",
+      "id": "GoogleCloudRetailV2RemoveControlRequest",
+      "properties": {
+        "controlId": {
+          "description": "Required. The id of the control to apply. Assumed to be in the same catalog as the serving config.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2RemoveFulfillmentPlacesMetadata": {
       "description": "Metadata related to the progress of the RemoveFulfillmentPlaces operation. Currently empty because there is no meaningful metadata populated from the ProductService.RemoveFulfillmentPlaces method.",
       "id": "GoogleCloudRetailV2RemoveFulfillmentPlacesMetadata",
@@ -2970,6 +3549,209 @@
       "properties": {},
       "type": "object"
     },
+    "GoogleCloudRetailV2ReplaceCatalogAttributeRequest": {
+      "description": "Request for CatalogService.ReplaceCatalogAttribute method.",
+      "id": "GoogleCloudRetailV2ReplaceCatalogAttributeRequest",
+      "properties": {
+        "catalogAttribute": {
+          "$ref": "GoogleCloudRetailV2CatalogAttribute",
+          "description": "Required. The updated CatalogAttribute."
+        },
+        "updateMask": {
+          "description": "Indicates which fields in the provided CatalogAttribute to update. The following are NOT supported: * CatalogAttribute.key If not set, all supported fields are updated.",
+          "format": "google-fieldmask",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2Rule": {
+      "description": "A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH.",
+      "id": "GoogleCloudRetailV2Rule",
+      "properties": {
+        "boostAction": {
+          "$ref": "GoogleCloudRetailV2RuleBoostAction",
+          "description": "A boost action."
+        },
+        "condition": {
+          "$ref": "GoogleCloudRetailV2Condition",
+          "description": "Required. The condition that triggers the rule. If the condition is empty, the rule will always apply."
+        },
+        "doNotAssociateAction": {
+          "$ref": "GoogleCloudRetailV2RuleDoNotAssociateAction",
+          "description": "Prevents term from being associated with other terms."
+        },
+        "filterAction": {
+          "$ref": "GoogleCloudRetailV2RuleFilterAction",
+          "description": "Filters results."
+        },
+        "ignoreAction": {
+          "$ref": "GoogleCloudRetailV2RuleIgnoreAction",
+          "description": "Ignores specific terms from query during search."
+        },
+        "onewaySynonymsAction": {
+          "$ref": "GoogleCloudRetailV2RuleOnewaySynonymsAction",
+          "description": "Treats specific term as a synonym with a group of terms. Group of terms will not be treated as synonyms with the specific term."
+        },
+        "redirectAction": {
+          "$ref": "GoogleCloudRetailV2RuleRedirectAction",
+          "description": "Redirects a shopper to a specific page."
+        },
+        "replacementAction": {
+          "$ref": "GoogleCloudRetailV2RuleReplacementAction",
+          "description": "Replaces specific terms in the query."
+        },
+        "twowaySynonymsAction": {
+          "$ref": "GoogleCloudRetailV2RuleTwowaySynonymsAction",
+          "description": "Treats a set of terms as synonyms of one another."
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleBoostAction": {
+      "description": "A boost action to apply to results matching condition specified above.",
+      "id": "GoogleCloudRetailV2RuleBoostAction",
+      "properties": {
+        "boost": {
+          "description": "Strength of the condition boost, which must be in [-1, 1]. Negative boost means demotion. Default is 0.0. Setting to 1.0 gives the item a big promotion. However, it does not necessarily mean that the boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily favored but irrelevant items. Setting to -1.0 gives the item a big demotion. However, results that are deeply relevant might still be shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored.",
+          "format": "float",
+          "type": "number"
+        },
+        "productsFilter": {
+          "description": "The filter can have a max size of 5000 characters. An expression which specifies which products to apply an action to. The syntax and supported fields are the same as a filter expression. See SearchRequest.filter for detail syntax and limitations. Examples: * To boost products with product ID \"product_1\" or \"product_2\", and color \"Red\" or \"Blue\": *(id: ANY(\"product_1\", \"product_2\")) * *AND * *(colorFamilies: ANY(\"Red\", \"Blue\")) *",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleDoNotAssociateAction": {
+      "description": "Prevents `query_term` from being associated with specified terms during search. Example: Don't associate \"gShoe\" and \"cheap\".",
+      "id": "GoogleCloudRetailV2RuleDoNotAssociateAction",
+      "properties": {
+        "doNotAssociateTerms": {
+          "description": "Cannot contain duplicates or the query term. Can specify up to 100 terms.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "queryTerms": {
+          "description": "Terms from the search query. Will not consider do_not_associate_terms for search if in search query. Can specify up to 100 terms.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "terms": {
+          "description": "Will be [deprecated = true] post migration;",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleFilterAction": {
+      "description": "* Rule Condition: - No Condition.query_terms provided is a global match. - 1 or more Condition.query_terms provided are combined with OR operator. * Action Input: The request query and filter that are applied to the retrieved products, in addition to any filters already provided with the SearchRequest. The AND operator is used to combine the query's existing filters with the filter rule(s). NOTE: May result in 0 results when filters conflict. * Action Result: Filters the returned objects to be ONLY those that passed the filter.",
+      "id": "GoogleCloudRetailV2RuleFilterAction",
+      "properties": {
+        "filter": {
+          "description": "A filter to apply on the matching condition results. Supported features: * filter must be set. * Filter syntax is identical to SearchRequest.filter. See more details at the Retail Search [user guide](/retail/search/docs/filter-and-order#filter). * To filter products with product ID \"product_1\" or \"product_2\", and color \"Red\" or \"Blue\": *(id: ANY(\"product_1\", \"product_2\")) * *AND * *(colorFamilies: ANY(\"Red\", \"Blue\")) *",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleIgnoreAction": {
+      "description": "Prevents a term in the query from being used in search. Example: Don't search for \"shoddy\".",
+      "id": "GoogleCloudRetailV2RuleIgnoreAction",
+      "properties": {
+        "ignoreTerms": {
+          "description": "Terms to ignore in the search query.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleOnewaySynonymsAction": {
+      "description": "Maps a set of terms to a set of synonyms. Set of synonyms will be treated as synonyms of each query term only. `query_terms` will not be treated as synonyms of each other. Example: \"sneakers\" will use a synonym of \"shoes\". \"shoes\" will not use a synonym of \"sneakers\".",
+      "id": "GoogleCloudRetailV2RuleOnewaySynonymsAction",
+      "properties": {
+        "onewayTerms": {
+          "description": "Will be [deprecated = true] post migration;",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "queryTerms": {
+          "description": "Terms from the search query. Will treat synonyms as their synonyms. Not themselves synonyms of the synonyms. Can specify up to 100 terms.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "synonyms": {
+          "description": "Defines a set of synonyms. Cannot contain duplicates. Can specify up to 100 synonyms.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleRedirectAction": {
+      "description": "Redirects a shopper to a specific page. * Rule Condition: - Must specify Condition.query_terms. * Action Input: Request Query * Action Result: Redirects shopper to provided uri.",
+      "id": "GoogleCloudRetailV2RuleRedirectAction",
+      "properties": {
+        "redirectUri": {
+          "description": "URL must have length equal or less than 2000 characters.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleReplacementAction": {
+      "description": "Replaces a term in the query. Multiple replacement candidates can be specified. All `query_terms` will be replaced with the replacement term. Example: Replace \"gShoe\" with \"google shoe\".",
+      "id": "GoogleCloudRetailV2RuleReplacementAction",
+      "properties": {
+        "queryTerms": {
+          "description": "Terms from the search query. Will be replaced by replacement term. Can specify up to 100 terms.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "replacementTerm": {
+          "description": "Term that will be used for replacement.",
+          "type": "string"
+        },
+        "term": {
+          "description": "Will be [deprecated = true] post migration;",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2RuleTwowaySynonymsAction": {
+      "description": "Creates a set of terms that will be treated as synonyms of each other. Example: synonyms of \"sneakers\" and \"shoes\". * \"sneakers\" will use a synonym of \"shoes\". * \"shoes\" will use a synonym of \"sneakers\".",
+      "id": "GoogleCloudRetailV2RuleTwowaySynonymsAction",
+      "properties": {
+        "synonyms": {
+          "description": "Defines a set of synonyms. Can specify up to 100 synonyms. Must specify at least 2 synonyms.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2SearchRequest": {
       "description": "Request message for SearchService.Search method.",
       "id": "GoogleCloudRetailV2SearchRequest",
@@ -3018,7 +3800,7 @@
           "type": "string"
         },
         "pageCategories": {
-          "description": "The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"].",
+          "description": "The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"].",
           "items": {
             "type": "string"
           },
@@ -3035,7 +3817,7 @@
         },
         "personalizationSpec": {
           "$ref": "GoogleCloudRetailV2SearchRequestPersonalizationSpec",
-          "description": "The specification for personalization."
+          "description": "The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec."
         },
         "query": {
           "description": "Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.",
@@ -3053,9 +3835,9 @@
             "FACETED_SEARCH_ONLY"
           ],
           "enumDescriptions": [
-            "Default value. In this case both product search and faceted search will be performed. Both [SearchResponse.SearchResult] and [SearchResponse.Facet] will be returned.",
-            "Only product search will be performed. The faceted search will be disabled. Only [SearchResponse.SearchResult] will be returned. [SearchResponse.Facet] will not be returned, even if SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is set.",
-            "Only faceted search will be performed. The product search will be disabled. When in this mode, one or both of SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec should be set. Otherwise, an INVALID_ARGUMENT error is returned. Only [SearchResponse.Facet] will be returned. [SearchResponse.SearchResult] will not be returned."
+            "Default value. In this case both product search and faceted search will be performed. Both SearchResponse.SearchResult and SearchResponse.Facet will be returned.",
+            "Only product search will be performed. The faceted search will be disabled. Only SearchResponse.SearchResult will be returned. SearchResponse.Facet will not be returned, even if SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is set.",
+            "Only faceted search will be performed. The product search will be disabled. When in this mode, one or both of SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec should be set. Otherwise, an INVALID_ARGUMENT error is returned. Only SearchResponse.Facet will be returned. SearchResponse.SearchResult will not be returned."
           ],
           "type": "string"
         },
@@ -3455,6 +4237,139 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2ServingConfig": {
+      "description": "Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).",
+      "id": "GoogleCloudRetailV2ServingConfig",
+      "properties": {
+        "boostControlIds": {
+          "description": "Condition boost specifications. If a product matches multiple conditions in the specifications, boost scores from these specifications are all applied and combined in a non-linear way. Maximum number of specifications is 100. Notice that if both ServingConfig.boost_control_ids and SearchRequest.boost_spec are set, the boost conditions from both places are evaluated. If a search request matches multiple boost conditions, the final boost score is equal to the sum of the boost scores from all matched boost conditions. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "displayName": {
+          "description": "Required. The human readable serving config display name. Used in Retail UI. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.",
+          "type": "string"
+        },
+        "diversityLevel": {
+          "description": "How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "type": "string"
+        },
+        "diversityType": {
+          "description": "What kind of diversity to use - data driven or rule based.",
+          "enum": [
+            "DIVERSITY_TYPE_UNSPECIFIED",
+            "RULE_BASED_DIVERSITY",
+            "DATA_DRIVEN_DIVERSITY"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "Rule based diversity.",
+            "Data driven diversity."
+          ],
+          "type": "string"
+        },
+        "doNotAssociateControlIds": {
+          "description": "Condition do not associate specifications. If multiple do not associate conditions match, all matching do not associate controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "dynamicFacetSpec": {
+          "$ref": "GoogleCloudRetailV2SearchRequestDynamicFacetSpec",
+          "description": "The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH."
+        },
+        "enableCategoryFilterLevel": {
+          "description": "Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "type": "string"
+        },
+        "facetControlIds": {
+          "description": "Facet specifications for faceted search. If empty, no facets are returned. The ids refer to the ids of Control resources with only the Facet control set. These controls are assumed to be in the same Catalog as the ServingConfig. A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "filterControlIds": {
+          "description": "Condition filter specifications. If a product matches multiple conditions in the specifications, filters from these specifications are all applied and combined via the AND operator. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "ignoreControlIds": {
+          "description": "Condition ignore specifications. If multiple ignore conditions match, all matching ignore controls in the list will execute. - Order does not matter. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "modelId": {
+          "description": "The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/servingConfig/*`",
+          "type": "string"
+        },
+        "onewaySynonymsControlIds": {
+          "description": "Condition oneway synonyms specifications. If multiple oneway synonyms conditions match, all matching oneway synonyms controls in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "personalizationSpec": {
+          "$ref": "GoogleCloudRetailV2SearchRequestPersonalizationSpec",
+          "description": "The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec."
+        },
+        "priceRerankingLevel": {
+          "description": "How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "type": "string"
+        },
+        "redirectControlIds": {
+          "description": "Condition redirect specifications. Only the first triggered redirect action is applied, even if multiple apply. Maximum number of specifications is 1000. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "replacementControlIds": {
+          "description": "Condition replacement specifications. - Applied according to the order in the list. - A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "solutionTypes": {
+          "description": "Required. Immutable. Specifies the solution types that a serving config can be associated with. Currently we support setting only one type of solution.",
+          "items": {
+            "enum": [
+              "SOLUTION_TYPE_UNSPECIFIED",
+              "SOLUTION_TYPE_RECOMMENDATION",
+              "SOLUTION_TYPE_SEARCH"
+            ],
+            "enumDescriptions": [
+              "Default value.",
+              "Used for Recommendations AI.",
+              "Used for Retail Search."
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "twowaySynonymsControlIds": {
+          "description": "Condition synonyms specifications. If multiple syonyms conditions match, all matching synonyms control in the list will execute. Order of controls in the list will not matter. Maximum number of specifications is 100. Can only be set if solution_types is SOLUTION_TYPE_SEARCH.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2SetDefaultBranchRequest": {
       "description": "Request message to set a specified branch as new default_branch.",
       "id": "GoogleCloudRetailV2SetDefaultBranchRequest",
@@ -3564,7 +4479,7 @@
           "type": "string"
         },
         "pageCategories": {
-          "description": "The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.",
+          "description": "The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.",
           "items": {
             "type": "string"
           },
@@ -3729,7 +4644,7 @@
       "id": "GoogleCloudRetailV2alphaCreateModelMetadata",
       "properties": {
         "model": {
-          "description": "The resource name of the model that this create applies to. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+          "description": "The resource name of the model that this create applies to. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
           "type": "string"
         }
       },
@@ -3747,7 +4662,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaExportMetadata": {
-      "description": "Metadata related to the progress of the Export operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Export operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2alphaExportMetadata",
       "properties": {
         "createTime": {
@@ -3826,14 +4741,14 @@
       "id": "GoogleCloudRetailV2alphaImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2alphaImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2alphaImportMetadata",
       "properties": {
         "createTime": {
@@ -3847,7 +4762,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -3912,7 +4827,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaModel": {
-      "description": "Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.",
+      "description": "Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.",
       "id": "GoogleCloudRetailV2alphaModel",
       "properties": {
         "createTime": {
@@ -3922,14 +4837,14 @@
           "type": "string"
         },
         "dataState": {
-          "description": "Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.",
+          "description": "Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.",
           "enum": [
             "DATA_STATE_UNSPECIFIED",
             "DATA_OK",
             "DATA_ERROR"
           ],
           "enumDescriptions": [
-            "Unspecified default value - should never be explicitly set.",
+            "Unspecified default value, should never be explicitly set.",
             "The model has sufficient training data.",
             "The model does not have sufficient training data. Error messages can be queried via Stackdriver."
           ],
@@ -3937,11 +4852,11 @@
           "type": "string"
         },
         "displayName": {
-          "description": "Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.",
+          "description": "Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.",
           "type": "string"
         },
         "filteringOption": {
-          "description": "Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.",
+          "description": "Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.",
           "enum": [
             "RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED",
             "RECOMMENDATIONS_FILTERING_DISABLED",
@@ -3961,7 +4876,7 @@
           "type": "string"
         },
         "name": {
-          "description": "Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
+          "description": "Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
           "type": "string"
         },
         "optimizationObjective": {
@@ -3973,7 +4888,7 @@
           "description": "Optional. The page optimization config."
         },
         "periodicTuningState": {
-          "description": "Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.",
+          "description": "Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.",
           "enum": [
             "PERIODIC_TUNING_STATE_UNSPECIFIED",
             "PERIODIC_TUNING_DISABLED",
@@ -3981,10 +4896,10 @@
             "PERIODIC_TUNING_ENABLED"
           ],
           "enumDescriptions": [
-            "Unspecified default value - should never be explicitly set.",
-            "The model has periodic tuning disabled. Tuning can be reenabled by calling the EnableModelPeriodicTuning method or by calling the TuneModel method.",
-            "The model cannot be tuned with periodic tuning OR the TuneModel method. Hide the options in customer UI and reject any requests through the backend self serve API.",
-            "The model has periodic tuning enabled. Tuning can be disabled by calling the DisableModelPeriodicTuning method."
+            "Unspecified default value, should never be explicitly set.",
+            "The model has periodic tuning disabled. Tuning can be reenabled by calling the `EnableModelPeriodicTuning` method or by calling the `TuneModel` method.",
+            "The model cannot be tuned with periodic tuning OR the `TuneModel` method. Hide the options in customer UI and reject any requests through the backend self serve API.",
+            "The model has periodic tuning enabled. Tuning can be disabled by calling the `DisableModelPeriodicTuning` method."
           ],
           "type": "string"
         },
@@ -3997,7 +4912,7 @@
           "type": "array"
         },
         "servingState": {
-          "description": "Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.",
+          "description": "Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.",
           "enum": [
             "SERVING_STATE_UNSPECIFIED",
             "INACTIVE",
@@ -4008,13 +4923,13 @@
             "Unspecified serving state.",
             "The model is not serving.",
             "The model is serving and can be queried.",
-            "The model is trained on tuned hyperparameters, and can be queried."
+            "The model is trained on tuned hyperparameters and can be queried."
           ],
           "readOnly": true,
           "type": "string"
         },
         "trainingState": {
-          "description": "Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.",
+          "description": "Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.",
           "enum": [
             "TRAINING_STATE_UNSPECIFIED",
             "PAUSED",
@@ -4033,7 +4948,7 @@
           "type": "string"
         },
         "type": {
-          "description": "Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).",
+          "description": "Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).",
           "type": "string"
         },
         "updateTime": {
@@ -4072,9 +4987,9 @@
           "enumDescriptions": [
             "Unspecified value for restriction.",
             "Allow any ServingConfig to be show on any number of panels. Example: `Panel1 candidates`: pdp_ctr, pdp_cvr, home_page_ctr_no_diversity `Panel2 candidates`: home_page_ctr_no_diversity, home_page_ctr_diversity, pdp_cvr_no_diversity `Restriction` = NO_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: []",
-            "Do not allow the same ServingConfig.name to be shown on multiple panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_SERVING_CONFIG_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) *",
-            "Do not allow multiple ServingConfigs with same Model.name to be show on on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_MODEL_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) *",
-            "Do not allow multiple ServingConfigs with same Model.type to be shown on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_MODEL_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) *"
+            "Do not allow the same ServingConfig.name to be shown on multiple panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_SERVING_CONFIG_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) *",
+            "Do not allow multiple ServingConfigs with same Model.name to be show on on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) *",
+            "Do not allow multiple ServingConfigs with same Model.type to be shown on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) *"
           ],
           "type": "string"
         }
@@ -4086,7 +5001,7 @@
       "id": "GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate",
       "properties": {
         "servingConfigId": {
-          "description": "This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'",
+          "description": "This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.",
           "type": "string"
         }
       },
@@ -4105,7 +5020,7 @@
         },
         "defaultCandidate": {
           "$ref": "GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate",
-          "description": "Required. The default candidate (in case the model fails at serving time, we can fall back to the default)."
+          "description": "Required. The default candidate. If the model fails at serving time, we fall back to the default."
         },
         "displayName": {
           "description": "Optional. The name to display for the panel.",
@@ -4115,11 +5030,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaModelServingConfigList": {
-      "description": "Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.",
+      "description": "Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.",
       "id": "GoogleCloudRetailV2alphaModelServingConfigList",
       "properties": {
         "servingConfigIds": {
-          "description": "Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.",
+          "description": "Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.",
           "items": {
             "type": "string"
           },
@@ -4207,13 +5122,13 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaRejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2alphaRejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
     },
     "GoogleCloudRetailV2alphaRejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2alphaRejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
@@ -4282,7 +5197,7 @@
       "id": "GoogleCloudRetailV2alphaTuneModelMetadata",
       "properties": {
         "model": {
-          "description": "The resource name of the model that this tune applies to. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+          "description": "The resource name of the model that this tune applies to. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
           "type": "string"
         }
       },
@@ -4362,7 +5277,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaExportMetadata": {
-      "description": "Metadata related to the progress of the Export operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Export operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2betaExportMetadata",
       "properties": {
         "createTime": {
@@ -4441,14 +5356,14 @@
       "id": "GoogleCloudRetailV2betaImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2betaImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2betaImportMetadata",
       "properties": {
         "createTime": {
@@ -4462,7 +5377,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -4555,13 +5470,13 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaRejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2betaRejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
     },
     "GoogleCloudRetailV2betaRejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2betaRejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
diff --git a/googleapiclient/discovery_cache/documents/retail.v2alpha.json b/googleapiclient/discovery_cache/documents/retail.v2alpha.json
index 7a9959a01a1..afa2b44112e 100644
--- a/googleapiclient/discovery_cache/documents/retail.v2alpha.json
+++ b/googleapiclient/discovery_cache/documents/retail.v2alpha.json
@@ -112,7 +112,7 @@
             "catalogs": {
               "methods": {
                 "completeQuery": {
-                  "description": "Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                  "description": "Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                   "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:completeQuery",
                   "httpMethod": "GET",
                   "id": "retail.projects.locations.catalogs.completeQuery",
@@ -203,7 +203,7 @@
                   ],
                   "parameters": {
                     "name": {
-                      "description": "Required. Full CompletionConfig resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig",
+                      "description": "Required. Full CompletionConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/completionConfig$",
                       "required": true,
@@ -558,10 +558,43 @@
                         }
                       }
                     },
+                    "places": {
+                      "resources": {
+                        "operations": {
+                          "methods": {
+                            "get": {
+                              "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.",
+                              "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/places/{placesId}/operations/{operationsId}",
+                              "httpMethod": "GET",
+                              "id": "retail.projects.locations.catalogs.branches.places.operations.get",
+                              "parameterOrder": [
+                                "name"
+                              ],
+                              "parameters": {
+                                "name": {
+                                  "description": "The name of the operation resource.",
+                                  "location": "path",
+                                  "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/branches/[^/]+/places/[^/]+/operations/[^/]+$",
+                                  "required": true,
+                                  "type": "string"
+                                }
+                              },
+                              "path": "v2alpha/{+name}",
+                              "response": {
+                                "$ref": "GoogleLongrunningOperation"
+                              },
+                              "scopes": [
+                                "https://www.googleapis.com/auth/cloud-platform"
+                              ]
+                            }
+                          }
+                        }
+                      }
+                    },
                     "products": {
                       "methods": {
                         "addFulfillmentPlaces": {
-                          "description": "Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addFulfillmentPlaces",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.addFulfillmentPlaces",
@@ -589,7 +622,7 @@
                           ]
                         },
                         "addLocalInventories": {
-                          "description": "Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addLocalInventories",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.addLocalInventories",
@@ -847,7 +880,7 @@
                           ]
                         },
                         "removeFulfillmentPlaces": {
-                          "description": "Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeFulfillmentPlaces",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.removeFulfillmentPlaces",
@@ -875,7 +908,7 @@
                           ]
                         },
                         "removeLocalInventories": {
-                          "description": "Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeLocalInventories",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.removeLocalInventories",
@@ -903,7 +936,7 @@
                           ]
                         },
                         "setInventory": {
-                          "description": "Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:setInventory",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.setInventory",
@@ -937,7 +970,7 @@
                 "completionData": {
                   "methods": {
                     "import": {
-                      "description": "Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/completionData:import",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.completionData.import",
@@ -1036,7 +1069,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the Control to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}`",
+                          "description": "Required. The resource name of the Control to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/controls/[^/]+$",
                           "required": true,
@@ -1052,7 +1085,7 @@
                       ]
                     },
                     "list": {
-                      "description": "Lists all Controls linked to this catalog.",
+                      "description": "Lists all Controls by their parent Catalog.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls",
                       "httpMethod": "GET",
                       "id": "retail.projects.locations.catalogs.controls.list",
@@ -1093,7 +1126,7 @@
                       ]
                     },
                     "patch": {
-                      "description": "Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to delete does not exist, a NOT_FOUND error is returned.",
+                      "description": "Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls/{controlsId}",
                       "httpMethod": "PATCH",
                       "id": "retail.projects.locations.catalogs.controls.patch",
@@ -1140,12 +1173,12 @@
                       ],
                       "parameters": {
                         "dryRun": {
-                          "description": "Optional. Whether to run a dry_run to validate the request (without actually creating the model).",
+                          "description": "Optional. Whether to run a dry run to validate the request (without actually creating the model).",
                           "location": "query",
                           "type": "boolean"
                         },
                         "parent": {
-                          "description": "Required. The parent resource under which to create the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}",
+                          "description": "Required. The parent resource under which to create the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
                           "required": true,
@@ -1173,7 +1206,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the [Model] to delete. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+                          "description": "Required. The resource name of the Model to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
                           "required": true,
@@ -1209,7 +1242,7 @@
                           "type": "string"
                         },
                         "parent": {
-                          "description": "Required. The parent for which to list models. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}",
+                          "description": "Required. The parent for which to list models. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
                           "required": true,
@@ -1225,7 +1258,7 @@
                       ]
                     },
                     "patch": {
-                      "description": "Update of model metadata. Only fields that currently can be updated are: filtering_option, periodic_tuning_state. If other values are provided, this API method will ignore them.",
+                      "description": "Update of model metadata. Only fields that currently can be updated are: `filtering_option` and `periodic_tuning_state`. If other values are provided, this API method ignores them.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}",
                       "httpMethod": "PATCH",
                       "id": "retail.projects.locations.catalogs.models.patch",
@@ -1234,14 +1267,14 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
+                          "description": "Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
                           "required": true,
                           "type": "string"
                         },
                         "updateMask": {
-                          "description": "Optional. Indicates which fields in the provided 'model' to update. If not set, will by default update all fields.",
+                          "description": "Optional. Indicates which fields in the provided 'model' to update. If not set, by default updates all fields.",
                           "format": "google-fieldmask",
                           "location": "query",
                           "type": "string"
@@ -1268,7 +1301,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The name of the model to pause. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+                          "description": "Required. The name of the model to pause. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
                           "required": true,
@@ -1296,7 +1329,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The name of the model to resume. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+                          "description": "Required. The name of the model to resume. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
                           "required": true,
@@ -1324,7 +1357,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the model to tune. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+                          "description": "Required. The resource name of the model to tune. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
                           "required": true,
@@ -1445,7 +1478,7 @@
                       ]
                     },
                     "search": {
-                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:search",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.placements.search",
@@ -1486,7 +1519,7 @@
                       ],
                       "parameters": {
                         "servingConfig": {
-                          "description": "Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1547,7 +1580,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the ServingConfig to delete. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The resource name of the ServingConfig to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1572,7 +1605,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the ServingConfig to get. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The resource name of the ServingConfig to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1608,7 +1641,7 @@
                           "type": "string"
                         },
                         "parent": {
-                          "description": "Required. The catalog resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}",
+                          "description": "Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
                           "required": true,
@@ -1695,7 +1728,7 @@
                       ],
                       "parameters": {
                         "servingConfig": {
-                          "description": "Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1714,7 +1747,7 @@
                       ]
                     },
                     "search": {
-                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:search",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.servingConfigs.search",
@@ -1787,7 +1820,7 @@
                       ]
                     },
                     "import": {
-                      "description": "Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.",
+                      "description": "Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:import",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.userEvents.import",
@@ -1843,7 +1876,7 @@
                       ]
                     },
                     "rejoin": {
-                      "description": "Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.",
+                      "description": "Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.",
                       "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:rejoin",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.userEvents.rejoin",
@@ -2047,7 +2080,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220822",
   "rootUrl": "https://retail.googleapis.com/",
   "schemas": {
     "GoogleApiHttpBody": {
@@ -2243,14 +2276,14 @@
       "id": "GoogleCloudRetailV2ImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2ImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2ImportMetadata",
       "properties": {
         "createTime": {
@@ -2264,7 +2297,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -2343,13 +2376,13 @@
       "type": "object"
     },
     "GoogleCloudRetailV2RejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2RejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
     },
     "GoogleCloudRetailV2RejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2RejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
@@ -2968,7 +3001,7 @@
           "type": "boolean"
         },
         "value": {
-          "description": "The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) \"a b c\" is 3 terms and allowed, \" a b c d\" is 4 terms and not allowed for partial match.",
+          "description": "The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, \"a b c\" is 3 terms and allowed, but \" a b c d\" is 4 terms and not allowed for a partial match.",
           "type": "string"
         }
       },
@@ -2992,11 +3025,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaControl": {
-      "description": "Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.",
+      "description": "Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.",
       "id": "GoogleCloudRetailV2alphaControl",
       "properties": {
         "associatedServingConfigIds": {
-          "description": "Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.",
+          "description": "Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.",
           "items": {
             "type": "string"
           },
@@ -3009,7 +3042,7 @@
         },
         "facetSpec": {
           "$ref": "GoogleCloudRetailV2alphaSearchRequestFacetSpec",
-          "description": "A facet specification to perform faceted search."
+          "description": "A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control."
         },
         "name": {
           "description": "Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`",
@@ -3019,8 +3052,25 @@
           "$ref": "GoogleCloudRetailV2alphaRule",
           "description": "A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost \"gShoe\" when query full matches \"Running Shoes\"."
         },
+        "searchSolutionUseCase": {
+          "description": "Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.",
+          "items": {
+            "enum": [
+              "SEARCH_SOLUTION_USE_CASE_UNSPECIFIED",
+              "SEARCH_SOLUTION_USE_CASE_SEARCH",
+              "SEARCH_SOLUTION_USE_CASE_BROWSE"
+            ],
+            "enumDescriptions": [
+              "The value when it's unspecified. In this case, server behavior defaults to SEARCH_SOLUTION_USE_CASE_SEARCH.",
+              "Search use case. Expects the traffic has a non-empty query.",
+              "Browse use case. Expects the traffic has an empty query."
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
         "solutionTypes": {
-          "description": "Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.",
+          "description": "Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.",
           "items": {
             "enum": [
               "SOLUTION_TYPE_UNSPECIFIED",
@@ -3044,7 +3094,7 @@
       "id": "GoogleCloudRetailV2alphaCreateModelMetadata",
       "properties": {
         "model": {
-          "description": "The resource name of the model that this create applies to. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+          "description": "The resource name of the model that this create applies to. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
           "type": "string"
         }
       },
@@ -3092,7 +3142,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaExportMetadata": {
-      "description": "Metadata related to the progress of the Export operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Export operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2alphaExportMetadata",
       "properties": {
         "createTime": {
@@ -3171,11 +3221,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaGcsSource": {
-      "description": "Google Cloud Storage location for input content. format.",
+      "description": "Google Cloud Storage location for input content.",
       "id": "GoogleCloudRetailV2alphaGcsSource",
       "properties": {
         "dataSchema": {
-          "description": "The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.",
+          "description": "The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.",
           "type": "string"
         },
         "inputUris": {
@@ -3238,7 +3288,7 @@
           "description": "Required. The desired input location of the data."
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         }
       },
@@ -3263,14 +3313,14 @@
       "id": "GoogleCloudRetailV2alphaImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2alphaImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2alphaImportMetadata",
       "properties": {
         "createTime": {
@@ -3284,7 +3334,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -3321,7 +3371,7 @@
           "description": "Required. The desired input location of the data."
         },
         "notificationPubsubTopic": {
-          "description": "Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.",
+          "description": "Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.",
           "type": "string"
         },
         "reconciliationMode": {
@@ -3343,11 +3393,11 @@
           "type": "string"
         },
         "skipDefaultBranchProtection": {
-          "description": "If true, will perform the FULL import even if it would delete a large proportion of the products in the default branch, which could potentially cause outages if you have live predict/search traffic. Only supported when ImportProductsRequest.reconciliation_mode is set to `FULL`.",
+          "description": "If true, this performs the FULL import even if it would delete a large proportion of the products in the default branch, which could potentially cause outages if you have live predict/search traffic. Only supported when ImportProductsRequest.reconciliation_mode is set to `FULL`.",
           "type": "boolean"
         },
         "updateMask": {
-          "description": "Indicates which fields in the provided imported 'products' to update. If not set, will by default update all fields.",
+          "description": "Indicates which fields in the provided imported `products` to update. If not set, all fields are updated.",
           "format": "google-fieldmask",
           "type": "string"
         }
@@ -3606,7 +3656,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaModel": {
-      "description": "Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.",
+      "description": "Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.",
       "id": "GoogleCloudRetailV2alphaModel",
       "properties": {
         "createTime": {
@@ -3616,14 +3666,14 @@
           "type": "string"
         },
         "dataState": {
-          "description": "Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.",
+          "description": "Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.",
           "enum": [
             "DATA_STATE_UNSPECIFIED",
             "DATA_OK",
             "DATA_ERROR"
           ],
           "enumDescriptions": [
-            "Unspecified default value - should never be explicitly set.",
+            "Unspecified default value, should never be explicitly set.",
             "The model has sufficient training data.",
             "The model does not have sufficient training data. Error messages can be queried via Stackdriver."
           ],
@@ -3631,11 +3681,11 @@
           "type": "string"
         },
         "displayName": {
-          "description": "Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.",
+          "description": "Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.",
           "type": "string"
         },
         "filteringOption": {
-          "description": "Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.",
+          "description": "Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.",
           "enum": [
             "RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED",
             "RECOMMENDATIONS_FILTERING_DISABLED",
@@ -3655,7 +3705,7 @@
           "type": "string"
         },
         "name": {
-          "description": "Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
+          "description": "Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
           "type": "string"
         },
         "optimizationObjective": {
@@ -3667,7 +3717,7 @@
           "description": "Optional. The page optimization config."
         },
         "periodicTuningState": {
-          "description": "Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.",
+          "description": "Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.",
           "enum": [
             "PERIODIC_TUNING_STATE_UNSPECIFIED",
             "PERIODIC_TUNING_DISABLED",
@@ -3675,10 +3725,10 @@
             "PERIODIC_TUNING_ENABLED"
           ],
           "enumDescriptions": [
-            "Unspecified default value - should never be explicitly set.",
-            "The model has periodic tuning disabled. Tuning can be reenabled by calling the EnableModelPeriodicTuning method or by calling the TuneModel method.",
-            "The model cannot be tuned with periodic tuning OR the TuneModel method. Hide the options in customer UI and reject any requests through the backend self serve API.",
-            "The model has periodic tuning enabled. Tuning can be disabled by calling the DisableModelPeriodicTuning method."
+            "Unspecified default value, should never be explicitly set.",
+            "The model has periodic tuning disabled. Tuning can be reenabled by calling the `EnableModelPeriodicTuning` method or by calling the `TuneModel` method.",
+            "The model cannot be tuned with periodic tuning OR the `TuneModel` method. Hide the options in customer UI and reject any requests through the backend self serve API.",
+            "The model has periodic tuning enabled. Tuning can be disabled by calling the `DisableModelPeriodicTuning` method."
           ],
           "type": "string"
         },
@@ -3691,7 +3741,7 @@
           "type": "array"
         },
         "servingState": {
-          "description": "Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.",
+          "description": "Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.",
           "enum": [
             "SERVING_STATE_UNSPECIFIED",
             "INACTIVE",
@@ -3702,13 +3752,13 @@
             "Unspecified serving state.",
             "The model is not serving.",
             "The model is serving and can be queried.",
-            "The model is trained on tuned hyperparameters, and can be queried."
+            "The model is trained on tuned hyperparameters and can be queried."
           ],
           "readOnly": true,
           "type": "string"
         },
         "trainingState": {
-          "description": "Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.",
+          "description": "Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.",
           "enum": [
             "TRAINING_STATE_UNSPECIFIED",
             "PAUSED",
@@ -3727,7 +3777,7 @@
           "type": "string"
         },
         "type": {
-          "description": "Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).",
+          "description": "Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).",
           "type": "string"
         },
         "updateTime": {
@@ -3766,9 +3816,9 @@
           "enumDescriptions": [
             "Unspecified value for restriction.",
             "Allow any ServingConfig to be show on any number of panels. Example: `Panel1 candidates`: pdp_ctr, pdp_cvr, home_page_ctr_no_diversity `Panel2 candidates`: home_page_ctr_no_diversity, home_page_ctr_diversity, pdp_cvr_no_diversity `Restriction` = NO_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: []",
-            "Do not allow the same ServingConfig.name to be shown on multiple panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_SERVING_CONFIG_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) *",
-            "Do not allow multiple ServingConfigs with same Model.name to be show on on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_MODEL_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) *",
-            "Do not allow multiple ServingConfigs with same Model.type to be shown on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_MODEL_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) *"
+            "Do not allow the same ServingConfig.name to be shown on multiple panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_SERVING_CONFIG_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) *",
+            "Do not allow multiple ServingConfigs with same Model.name to be show on on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) *",
+            "Do not allow multiple ServingConfigs with same Model.type to be shown on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) *"
           ],
           "type": "string"
         }
@@ -3780,7 +3830,7 @@
       "id": "GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate",
       "properties": {
         "servingConfigId": {
-          "description": "This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'",
+          "description": "This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.",
           "type": "string"
         }
       },
@@ -3799,7 +3849,7 @@
         },
         "defaultCandidate": {
           "$ref": "GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate",
-          "description": "Required. The default candidate (in case the model fails at serving time, we can fall back to the default)."
+          "description": "Required. The default candidate. If the model fails at serving time, we fall back to the default."
         },
         "displayName": {
           "description": "Optional. The name to display for the panel.",
@@ -3809,11 +3859,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaModelServingConfigList": {
-      "description": "Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.",
+      "description": "Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.",
       "id": "GoogleCloudRetailV2alphaModelServingConfigList",
       "properties": {
         "servingConfigIds": {
-          "description": "Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.",
+          "description": "Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.",
           "items": {
             "type": "string"
           },
@@ -4038,7 +4088,7 @@
           "type": "array"
         },
         "categories": {
-          "description": "Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both [\"Shoes & Accessories\" -> \"Shoes\"] and [\"Sports & Fitness\" -> \"Athletic Clothing\" -> \"Shoes\"], it could be represented as: \"categories\": [ \"Shoes & Accessories > Shoes\", \"Sports & Fitness > Athletic Clothing > Shoes\" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436",
+          "description": "Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both [\"Shoes & Accessories\" -> \"Shoes\"] and [\"Sports & Fitness\" -> \"Athletic Clothing\" -> \"Shoes\"], it could be represented as: \"categories\": [ \"Shoes & Accessories > Shoes\", \"Sports & Fitness > Athletic Clothing > Shoes\" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436",
           "items": {
             "type": "string"
           },
@@ -4097,6 +4147,14 @@
           "description": "Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to \"en-US\" if unset.",
           "type": "string"
         },
+        "localInventories": {
+          "description": "Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2alphaLocalInventory"
+          },
+          "readOnly": true,
+          "type": "array"
+        },
         "materials": {
           "description": "The material of the product. For example, \"leather\", \"wooden\". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).",
           "items": {
@@ -4423,7 +4481,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaRejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2alphaRejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
@@ -4433,7 +4491,7 @@
       "id": "GoogleCloudRetailV2alphaRejoinUserEventsRequest",
       "properties": {
         "userEventRejoinScope": {
-          "description": "The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to USER_EVENT_REJOIN_SCOPE_UNSPECIFIED if this field is not set, or set to an invalid integer value.",
+          "description": "The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is not set, or set to an invalid integer value.",
           "enum": [
             "USER_EVENT_REJOIN_SCOPE_UNSPECIFIED",
             "JOINED_EVENTS",
@@ -4450,7 +4508,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaRejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2alphaRejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
@@ -4580,7 +4638,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaRule": {
-      "description": "A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint.",
+      "description": "A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH.",
       "id": "GoogleCloudRetailV2alphaRule",
       "properties": {
         "boostAction": {
@@ -4814,7 +4872,7 @@
           "type": "string"
         },
         "pageCategories": {
-          "description": "The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"].",
+          "description": "The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"].",
           "items": {
             "type": "string"
           },
@@ -4831,7 +4889,7 @@
         },
         "personalizationSpec": {
           "$ref": "GoogleCloudRetailV2alphaSearchRequestPersonalizationSpec",
-          "description": "The specification for personalization."
+          "description": "The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec."
         },
         "query": {
           "description": "Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.",
@@ -4867,9 +4925,9 @@
             "FACETED_SEARCH_ONLY"
           ],
           "enumDescriptions": [
-            "Default value. In this case both product search and faceted search will be performed. Both [SearchResponse.SearchResult] and [SearchResponse.Facet] will be returned.",
-            "Only product search will be performed. The faceted search will be disabled. Only [SearchResponse.SearchResult] will be returned. [SearchResponse.Facet] will not be returned, even if SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is set.",
-            "Only faceted search will be performed. The product search will be disabled. When in this mode, one or both of SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec should be set. Otherwise, an INVALID_ARGUMENT error is returned. Only [SearchResponse.Facet] will be returned. [SearchResponse.SearchResult] will not be returned."
+            "Default value. In this case both product search and faceted search will be performed. Both SearchResponse.SearchResult and SearchResponse.Facet will be returned.",
+            "Only product search will be performed. The faceted search will be disabled. Only SearchResponse.SearchResult will be returned. SearchResponse.Facet will not be returned, even if SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is set.",
+            "Only faceted search will be performed. The product search will be disabled. When in this mode, one or both of SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec should be set. Otherwise, an INVALID_ARGUMENT error is returned. Only SearchResponse.Facet will be returned. SearchResponse.SearchResult will not be returned."
           ],
           "type": "string"
         },
@@ -5270,7 +5328,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaServingConfig": {
-      "description": "Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.",
+      "description": "Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).",
       "id": "GoogleCloudRetailV2alphaServingConfig",
       "properties": {
         "boostControlIds": {
@@ -5285,7 +5343,21 @@
           "type": "string"
         },
         "diversityLevel": {
-          "description": "How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "type": "string"
+        },
+        "diversityType": {
+          "description": "What kind of diversity to use - data driven or rule based.",
+          "enum": [
+            "DIVERSITY_TYPE_UNSPECIFIED",
+            "RULE_BASED_DIVERSITY",
+            "DATA_DRIVEN_DIVERSITY"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "Rule based diversity.",
+            "Data driven diversity."
+          ],
           "type": "string"
         },
         "doNotAssociateControlIds": {
@@ -5300,7 +5372,7 @@
           "description": "The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH."
         },
         "enableCategoryFilterLevel": {
-          "description": "Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
           "type": "string"
         },
         "facetControlIds": {
@@ -5325,7 +5397,7 @@
           "type": "array"
         },
         "modelId": {
-          "description": "The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.",
           "type": "string"
         },
         "name": {
@@ -5339,8 +5411,12 @@
           },
           "type": "array"
         },
+        "personalizationSpec": {
+          "$ref": "GoogleCloudRetailV2alphaSearchRequestPersonalizationSpec",
+          "description": "The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec."
+        },
         "priceRerankingLevel": {
-          "description": "How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
           "type": "string"
         },
         "redirectControlIds": {
@@ -5462,7 +5538,7 @@
       "id": "GoogleCloudRetailV2alphaTuneModelMetadata",
       "properties": {
         "model": {
-          "description": "The resource name of the model that this tune applies to. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+          "description": "The resource name of the model that this tune applies to. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
           "type": "string"
         }
       },
@@ -5533,7 +5609,7 @@
           "type": "string"
         },
         "pageCategories": {
-          "description": "The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.",
+          "description": "The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.",
           "items": {
             "type": "string"
           },
@@ -5705,7 +5781,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaExportMetadata": {
-      "description": "Metadata related to the progress of the Export operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Export operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2betaExportMetadata",
       "properties": {
         "createTime": {
@@ -5784,14 +5860,14 @@
       "id": "GoogleCloudRetailV2betaImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2betaImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2betaImportMetadata",
       "properties": {
         "createTime": {
@@ -5805,7 +5881,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -5898,13 +5974,13 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaRejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2betaRejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
     },
     "GoogleCloudRetailV2betaRejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2betaRejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
diff --git a/googleapiclient/discovery_cache/documents/retail.v2beta.json b/googleapiclient/discovery_cache/documents/retail.v2beta.json
index b105c064f43..ced8911adf6 100644
--- a/googleapiclient/discovery_cache/documents/retail.v2beta.json
+++ b/googleapiclient/discovery_cache/documents/retail.v2beta.json
@@ -112,7 +112,7 @@
             "catalogs": {
               "methods": {
                 "completeQuery": {
-                  "description": "Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                  "description": "Completes the specified prefix with keyword suggestions. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                   "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:completeQuery",
                   "httpMethod": "GET",
                   "id": "retail.projects.locations.catalogs.completeQuery",
@@ -203,7 +203,7 @@
                   ],
                   "parameters": {
                     "name": {
-                      "description": "Required. Full CompletionConfig resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig",
+                      "description": "Required. Full CompletionConfig resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/completionConfig`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/completionConfig$",
                       "required": true,
@@ -561,7 +561,7 @@
                     "products": {
                       "methods": {
                         "addFulfillmentPlaces": {
-                          "description": "Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Incrementally adds place IDs to Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the added place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addFulfillmentPlaces",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.addFulfillmentPlaces",
@@ -589,7 +589,7 @@
                           ]
                         },
                         "addLocalInventories": {
-                          "description": "Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Updates local inventory information for a Product at a list of places, while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating inventory information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be modified using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addLocalInventories",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.addLocalInventories",
@@ -814,7 +814,7 @@
                           ]
                         },
                         "removeFulfillmentPlaces": {
-                          "description": "Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Incrementally removes place IDs from a Product.fulfillment_info.place_ids. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, the removed place IDs are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeFulfillmentPlaces",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.removeFulfillmentPlaces",
@@ -842,7 +842,7 @@
                           ]
                         },
                         "removeLocalInventories": {
-                          "description": "Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Remove local inventory information for a Product at a list of places at a removal timestamp. This process is asynchronous. If the request is valid, the removal will be enqueued and processed downstream. As a consequence, when a response is returned, removals are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. Local inventory information can only be removed using this method. ProductService.CreateProduct and ProductService.UpdateProduct has no effect on local inventories. The returned Operations will be obsolete after 1 day, and GetOperation API will return NOT_FOUND afterwards. If conflicting updates are issued, the Operations associated with the stale updates will not be marked as done until being obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeLocalInventories",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.removeLocalInventories",
@@ -870,7 +870,7 @@
                           ]
                         },
                         "setInventory": {
-                          "description": "Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update will be enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) will overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update time for the specified inventory fields will be overwritten to the time of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product will be used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information will be preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                          "description": "Updates inventory information for a Product while respecting the last update timestamps of each inventory field. This process is asynchronous and does not require the Product to exist before updating fulfillment information. If the request is valid, the update is enqueued and processed downstream. As a consequence, when a response is returned, updates are not immediately manifested in the Product queried by ProductService.GetProduct or ProductService.ListProducts. When inventory is updated with ProductService.CreateProduct and ProductService.UpdateProduct, the specified inventory field value(s) overwrite any existing value(s) while ignoring the last update time for this field. Furthermore, the last update times for the specified inventory fields are overwritten by the times of the ProductService.CreateProduct or ProductService.UpdateProduct request. If no inventory fields are set in CreateProductRequest.product, then any pre-existing inventory information for this product is used. If no inventory fields are set in SetInventoryRequest.set_mask, then any existing inventory information is preserved. Pre-existing inventory information can only be updated with ProductService.SetInventory, ProductService.AddFulfillmentPlaces, and ProductService.RemoveFulfillmentPlaces. The returned Operations is obsolete after one day, and the GetOperation API returns `NOT_FOUND` afterwards. If conflicting updates are issued, the Operations associated with the stale updates are not marked as done until they are obsolete. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                           "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:setInventory",
                           "httpMethod": "POST",
                           "id": "retail.projects.locations.catalogs.branches.products.setInventory",
@@ -904,7 +904,7 @@
                 "completionData": {
                   "methods": {
                     "import": {
-                      "description": "Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Bulk import of processed completion dataset. Request processing is asynchronous. Partial updating is not supported. The operation is successfully finished only after the imported suggestions are indexed successfully and ready for serving. The process takes hours. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/completionData:import",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.completionData.import",
@@ -1003,7 +1003,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the Control to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}`",
+                          "description": "Required. The resource name of the Control to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/controls/{control_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/controls/[^/]+$",
                           "required": true,
@@ -1019,7 +1019,7 @@
                       ]
                     },
                     "list": {
-                      "description": "Lists all Controls linked to this catalog.",
+                      "description": "Lists all Controls by their parent Catalog.",
                       "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls",
                       "httpMethod": "GET",
                       "id": "retail.projects.locations.catalogs.controls.list",
@@ -1060,7 +1060,7 @@
                       ]
                     },
                     "patch": {
-                      "description": "Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to delete does not exist, a NOT_FOUND error is returned.",
+                      "description": "Updates a Control. Control cannot be set to a different oneof field, if so an INVALID_ARGUMENT is returned. If the Control to update does not exist, a NOT_FOUND error is returned.",
                       "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls/{controlsId}",
                       "httpMethod": "PATCH",
                       "id": "retail.projects.locations.catalogs.controls.patch",
@@ -1095,6 +1095,222 @@
                     }
                   }
                 },
+                "models": {
+                  "methods": {
+                    "create": {
+                      "description": "Creates a new model.",
+                      "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.models.create",
+                      "parameterOrder": [
+                        "parent"
+                      ],
+                      "parameters": {
+                        "dryRun": {
+                          "description": "Optional. Whether to run a dry run to validate the request (without actually creating the model).",
+                          "location": "query",
+                          "type": "boolean"
+                        },
+                        "parent": {
+                          "description": "Required. The parent resource under which to create the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2beta/{+parent}/models",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2betaModel"
+                      },
+                      "response": {
+                        "$ref": "GoogleLongrunningOperation"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "delete": {
+                      "description": "Deletes an existing model.",
+                      "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}",
+                      "httpMethod": "DELETE",
+                      "id": "retail.projects.locations.catalogs.models.delete",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The resource name of the Model to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2beta/{+name}",
+                      "response": {
+                        "$ref": "GoogleProtobufEmpty"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "list": {
+                      "description": "Lists all the models linked to this event store.",
+                      "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models",
+                      "httpMethod": "GET",
+                      "id": "retail.projects.locations.catalogs.models.list",
+                      "parameterOrder": [
+                        "parent"
+                      ],
+                      "parameters": {
+                        "pageSize": {
+                          "description": "Optional. Maximum number of results to return. If unspecified, defaults to 50. Max allowed value is 1000.",
+                          "format": "int32",
+                          "location": "query",
+                          "type": "integer"
+                        },
+                        "pageToken": {
+                          "description": "Optional. A page token, received from a previous `ListModels` call. Provide this to retrieve the subsequent page.",
+                          "location": "query",
+                          "type": "string"
+                        },
+                        "parent": {
+                          "description": "Required. The parent for which to list models. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2beta/{+parent}/models",
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2betaListModelsResponse"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "patch": {
+                      "description": "Update of model metadata. Only fields that currently can be updated are: `filtering_option` and `periodic_tuning_state`. If other values are provided, this API method ignores them.",
+                      "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}",
+                      "httpMethod": "PATCH",
+                      "id": "retail.projects.locations.catalogs.models.patch",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "updateMask": {
+                          "description": "Optional. Indicates which fields in the provided 'model' to update. If not set, by default updates all fields.",
+                          "format": "google-fieldmask",
+                          "location": "query",
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2beta/{+name}",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2betaModel"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2betaModel"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "pause": {
+                      "description": "Pauses the training of an existing model.",
+                      "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:pause",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.models.pause",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The name of the model to pause. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2beta/{+name}:pause",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2betaPauseModelRequest"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2betaModel"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "resume": {
+                      "description": "Resumes the training of an existing model.",
+                      "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:resume",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.models.resume",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The name of the model to resume. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2beta/{+name}:resume",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2betaResumeModelRequest"
+                      },
+                      "response": {
+                        "$ref": "GoogleCloudRetailV2betaModel"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "tune": {
+                      "description": "Tunes an existing model.",
+                      "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:tune",
+                      "httpMethod": "POST",
+                      "id": "retail.projects.locations.catalogs.models.tune",
+                      "parameterOrder": [
+                        "name"
+                      ],
+                      "parameters": {
+                        "name": {
+                          "description": "Required. The resource name of the model to tune. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
+                          "location": "path",
+                          "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/models/[^/]+$",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v2beta/{+name}:tune",
+                      "request": {
+                        "$ref": "GoogleCloudRetailV2betaTuneModelRequest"
+                      },
+                      "response": {
+                        "$ref": "GoogleLongrunningOperation"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    }
+                  }
+                },
                 "operations": {
                   "methods": {
                     "get": {
@@ -1196,7 +1412,7 @@
                       ]
                     },
                     "search": {
-                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:search",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.placements.search",
@@ -1237,7 +1453,7 @@
                       ],
                       "parameters": {
                         "servingConfig": {
-                          "description": "Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1298,7 +1514,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the ServingConfig to delete. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The resource name of the ServingConfig to delete. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1323,7 +1539,7 @@
                       ],
                       "parameters": {
                         "name": {
-                          "description": "Required. The resource name of the ServingConfig to get. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The resource name of the ServingConfig to get. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1359,7 +1575,7 @@
                           "type": "string"
                         },
                         "parent": {
-                          "description": "Required. The catalog resource name. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}",
+                          "description": "Required. The catalog resource name. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+$",
                           "required": true,
@@ -1446,7 +1662,7 @@
                       ],
                       "parameters": {
                         "servingConfig": {
-                          "description": "Required. The source ServingConfig resource name . Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}",
+                          "description": "Required. The source ServingConfig resource name . Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/servingConfigs/{serving_config_id}`",
                           "location": "path",
                           "pattern": "^projects/[^/]+/locations/[^/]+/catalogs/[^/]+/servingConfigs/[^/]+$",
                           "required": true,
@@ -1465,7 +1681,7 @@
                       ]
                     },
                     "search": {
-                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Please enable Retail Search on Cloud Console before using this feature.",
+                      "description": "Performs a search. This feature is only available for users who have Retail Search enabled. Enable Retail Search on Cloud Console before using this feature.",
                       "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:search",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.servingConfigs.search",
@@ -1538,7 +1754,7 @@
                       ]
                     },
                     "import": {
-                      "description": "Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. Operation.response is of type ImportResponse. Note that it is possible for a subset of the items to be successfully inserted. Operation.metadata is of type ImportMetadata.",
+                      "description": "Bulk import of User events. Request processing might be synchronous. Events that already exist are skipped. Use this method for backfilling historical user events. `Operation.response` is of type `ImportResponse`. Note that it is possible for a subset of the items to be successfully inserted. `Operation.metadata` is of type `ImportMetadata`.",
                       "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:import",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.userEvents.import",
@@ -1594,7 +1810,7 @@
                       ]
                     },
                     "rejoin": {
-                      "description": "Starts a user event rejoin operation with latest product catalog. Events will not be annotated with detailed product information if product is missing from the catalog at the time the user event is ingested, and these events are stored as unjoined events with a limited usage on training and serving. This method can be used to start a join operation on specified events with latest version of product catalog. It can also be used to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.",
+                      "description": "Starts a user-event rejoin operation with latest product catalog. Events are not annotated with detailed product information for products that are missing from the catalog when the user event is ingested. These events are stored as unjoined events with limited usage on training and serving. You can use this method to start a join operation on specified events with the latest version of product catalog. You can also use this method to correct events joined with the wrong product catalog. A rejoin operation can take hours or days to complete.",
                       "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:rejoin",
                       "httpMethod": "POST",
                       "id": "retail.projects.locations.catalogs.userEvents.rejoin",
@@ -1798,7 +2014,7 @@
       }
     }
   },
-  "revision": "20220811",
+  "revision": "20220822",
   "rootUrl": "https://retail.googleapis.com/",
   "schemas": {
     "GoogleApiHttpBody": {
@@ -1994,14 +2210,14 @@
       "id": "GoogleCloudRetailV2ImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2ImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2ImportMetadata",
       "properties": {
         "createTime": {
@@ -2015,7 +2231,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -2094,13 +2310,13 @@
       "type": "object"
     },
     "GoogleCloudRetailV2RejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2RejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
     },
     "GoogleCloudRetailV2RejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2RejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
@@ -2208,7 +2424,7 @@
       "id": "GoogleCloudRetailV2alphaCreateModelMetadata",
       "properties": {
         "model": {
-          "description": "The resource name of the model that this create applies to. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+          "description": "The resource name of the model that this create applies to. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
           "type": "string"
         }
       },
@@ -2226,7 +2442,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaExportMetadata": {
-      "description": "Metadata related to the progress of the Export operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Export operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2alphaExportMetadata",
       "properties": {
         "createTime": {
@@ -2305,14 +2521,14 @@
       "id": "GoogleCloudRetailV2alphaImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2alphaImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2alphaImportMetadata",
       "properties": {
         "createTime": {
@@ -2326,7 +2542,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -2391,7 +2607,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaModel": {
-      "description": "Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict api.",
+      "description": "Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.",
       "id": "GoogleCloudRetailV2alphaModel",
       "properties": {
         "createTime": {
@@ -2401,14 +2617,14 @@
           "type": "string"
         },
         "dataState": {
-          "description": "Output only. The state of data requirements for this model: DATA_OK and DATA_ERROR. Recommendation model cannot be trained if the data is in DATA_ERROR state. Recommendation model can have DATA_ERROR state even if serving state is ACTIVE: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.",
+          "description": "Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.",
           "enum": [
             "DATA_STATE_UNSPECIFIED",
             "DATA_OK",
             "DATA_ERROR"
           ],
           "enumDescriptions": [
-            "Unspecified default value - should never be explicitly set.",
+            "Unspecified default value, should never be explicitly set.",
             "The model has sufficient training data.",
             "The model does not have sufficient training data. Error messages can be queried via Stackdriver."
           ],
@@ -2416,11 +2632,11 @@
           "type": "string"
         },
         "displayName": {
-          "description": "Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Cosole Dashboard. UTF-8 encoded string with limit of 1024 characters.",
+          "description": "Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.",
           "type": "string"
         },
         "filteringOption": {
-          "description": "Optional. If RECOMMENDATIONS_FILTERING_ENABLED, recommendation filtering by attributes is enabled for the model.",
+          "description": "Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.",
           "enum": [
             "RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED",
             "RECOMMENDATIONS_FILTERING_DISABLED",
@@ -2440,7 +2656,7 @@
           "type": "string"
         },
         "name": {
-          "description": "Required. The fully qualified resource name of the model. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id} catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
+          "description": "Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
           "type": "string"
         },
         "optimizationObjective": {
@@ -2452,7 +2668,7 @@
           "description": "Optional. The page optimization config."
         },
         "periodicTuningState": {
-          "description": "Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the TuneModel method. Default value is PERIODIC_TUNING_ENABLED.",
+          "description": "Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.",
           "enum": [
             "PERIODIC_TUNING_STATE_UNSPECIFIED",
             "PERIODIC_TUNING_DISABLED",
@@ -2460,10 +2676,10 @@
             "PERIODIC_TUNING_ENABLED"
           ],
           "enumDescriptions": [
-            "Unspecified default value - should never be explicitly set.",
-            "The model has periodic tuning disabled. Tuning can be reenabled by calling the EnableModelPeriodicTuning method or by calling the TuneModel method.",
-            "The model cannot be tuned with periodic tuning OR the TuneModel method. Hide the options in customer UI and reject any requests through the backend self serve API.",
-            "The model has periodic tuning enabled. Tuning can be disabled by calling the DisableModelPeriodicTuning method."
+            "Unspecified default value, should never be explicitly set.",
+            "The model has periodic tuning disabled. Tuning can be reenabled by calling the `EnableModelPeriodicTuning` method or by calling the `TuneModel` method.",
+            "The model cannot be tuned with periodic tuning OR the `TuneModel` method. Hide the options in customer UI and reject any requests through the backend self serve API.",
+            "The model has periodic tuning enabled. Tuning can be disabled by calling the `DisableModelPeriodicTuning` method."
           ],
           "type": "string"
         },
@@ -2476,7 +2692,7 @@
           "type": "array"
         },
         "servingState": {
-          "description": "Output only. The serving state of the model: ACTIVE, NOT_ACTIVE.",
+          "description": "Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.",
           "enum": [
             "SERVING_STATE_UNSPECIFIED",
             "INACTIVE",
@@ -2487,13 +2703,13 @@
             "Unspecified serving state.",
             "The model is not serving.",
             "The model is serving and can be queried.",
-            "The model is trained on tuned hyperparameters, and can be queried."
+            "The model is trained on tuned hyperparameters and can be queried."
           ],
           "readOnly": true,
           "type": "string"
         },
         "trainingState": {
-          "description": "Optional. The training state that the model is in (e.g. TRAINING or PAUSED). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for CreateModel method is TRAINING. the default value for UpdateModel method is to keep the state the same as before.",
+          "description": "Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.",
           "enum": [
             "TRAINING_STATE_UNSPECIFIED",
             "PAUSED",
@@ -2512,7 +2728,7 @@
           "type": "string"
         },
         "type": {
-          "description": "Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, 'similar-items', 'buy-it-again', `recently-viewed`(readonly value).",
+          "description": "Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).",
           "type": "string"
         },
         "updateTime": {
@@ -2551,9 +2767,9 @@
           "enumDescriptions": [
             "Unspecified value for restriction.",
             "Allow any ServingConfig to be show on any number of panels. Example: `Panel1 candidates`: pdp_ctr, pdp_cvr, home_page_ctr_no_diversity `Panel2 candidates`: home_page_ctr_no_diversity, home_page_ctr_diversity, pdp_cvr_no_diversity `Restriction` = NO_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: []",
-            "Do not allow the same ServingConfig.name to be shown on multiple panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_SERVING_CONFIG_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) *",
-            "Do not allow multiple ServingConfigs with same Model.name to be show on on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_MODEL_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) *",
-            "Do not allow multiple ServingConfigs with same Model.type to be shown on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = UNIQUE_MODEL_RESTRICTION `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) *"
+            "Do not allow the same ServingConfig.name to be shown on multiple panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_SERVING_CONFIG_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) *",
+            "Do not allow multiple ServingConfigs with same Model.name to be show on on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) *",
+            "Do not allow multiple ServingConfigs with same Model.type to be shown on different panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 candidates`: * home_page_ctr_no_diversity, home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, home_page_ctr_diversity) *"
           ],
           "type": "string"
         }
@@ -2565,7 +2781,7 @@
       "id": "GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate",
       "properties": {
         "servingConfigId": {
-          "description": "This has to be a valid ServingConfig identifier. e.g. for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config` this would be 'my_candidate_config'",
+          "description": "This has to be a valid ServingConfig identifier. For example, for a ServingConfig with full name: `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, this would be `my_candidate_config`.",
           "type": "string"
         }
       },
@@ -2584,7 +2800,7 @@
         },
         "defaultCandidate": {
           "$ref": "GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate",
-          "description": "Required. The default candidate (in case the model fails at serving time, we can fall back to the default)."
+          "description": "Required. The default candidate. If the model fails at serving time, we fall back to the default."
         },
         "displayName": {
           "description": "Optional. The name to display for the panel.",
@@ -2594,11 +2810,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaModelServingConfigList": {
-      "description": "Represents an ordered combination of valid serving configs, which / may be used for PAGE_OPTIMIZATION recommendations.",
+      "description": "Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.",
       "id": "GoogleCloudRetailV2alphaModelServingConfigList",
       "properties": {
         "servingConfigIds": {
-          "description": "Optional. A set of valid serving configs that may be used for PAGE_OPTIMIZATION.",
+          "description": "Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.",
           "items": {
             "type": "string"
           },
@@ -2686,13 +2902,13 @@
       "type": "object"
     },
     "GoogleCloudRetailV2alphaRejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2alphaRejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
     },
     "GoogleCloudRetailV2alphaRejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2alphaRejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
@@ -2761,7 +2977,7 @@
       "id": "GoogleCloudRetailV2alphaTuneModelMetadata",
       "properties": {
         "model": {
-          "description": "The resource name of the model that this tune applies to. Format: projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}",
+          "description": "The resource name of the model that this tune applies to. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}`",
           "type": "string"
         }
       },
@@ -3345,7 +3561,7 @@
           "type": "boolean"
         },
         "value": {
-          "description": "The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. Example) \"a b c\" is 3 terms and allowed, \" a b c d\" is 4 terms and not allowed for partial match.",
+          "description": "The value of the term to match on. Value cannot be empty. Value can have at most 3 terms if specified as a partial match. Each space separated string is considered as one term. For example, \"a b c\" is 3 terms and allowed, but \" a b c d\" is 4 terms and not allowed for a partial match.",
           "type": "string"
         }
       },
@@ -3369,11 +3585,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaControl": {
-      "description": "Configures dynamic serving time metadata that is used to pre and post process search/recommendation model results.",
+      "description": "Configures dynamic metadata that can be linked to a ServingConfig and affect search or recommendation results at serving time.",
       "id": "GoogleCloudRetailV2betaControl",
       "properties": {
         "associatedServingConfigIds": {
-          "description": "Output only. List of serving configuration ids that that are associated with this control. Note the association is managed via the ServingConfig, this is an output only denormalizeed view. Assumed to be in the same catalog.",
+          "description": "Output only. List of serving configuration ids that are associated with this control in the same Catalog. Note the association is managed via the ServingConfig, this is an output only denormalized view.",
           "items": {
             "type": "string"
           },
@@ -3386,7 +3602,7 @@
         },
         "facetSpec": {
           "$ref": "GoogleCloudRetailV2betaSearchRequestFacetSpec",
-          "description": "A facet specification to perform faceted search."
+          "description": "A facet specification to perform faceted search. Note that this field is deprecated and will throw NOT_IMPLEMENTED if used for creating a control."
         },
         "name": {
           "description": "Immutable. Fully qualified name `projects/*/locations/global/catalogs/*/controls/*`",
@@ -3396,8 +3612,25 @@
           "$ref": "GoogleCloudRetailV2betaRule",
           "description": "A rule control - a condition-action pair. Enacts a set action when the condition is triggered. For example: Boost \"gShoe\" when query full matches \"Running Shoes\"."
         },
+        "searchSolutionUseCase": {
+          "description": "Specifies the use case for the control. Affects what condition fields can be set. Only settable by search controls. Will default to SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only allow one search_solution_use_case per control.",
+          "items": {
+            "enum": [
+              "SEARCH_SOLUTION_USE_CASE_UNSPECIFIED",
+              "SEARCH_SOLUTION_USE_CASE_SEARCH",
+              "SEARCH_SOLUTION_USE_CASE_BROWSE"
+            ],
+            "enumDescriptions": [
+              "The value when it's unspecified. In this case, server behavior defaults to SEARCH_SOLUTION_USE_CASE_SEARCH.",
+              "Search use case. Expects the traffic has a non-empty query.",
+              "Browse use case. Expects the traffic has an empty query."
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
         "solutionTypes": {
-          "description": "Required. Immutable. The solution types that the serving config is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.",
+          "description": "Required. Immutable. The solution types that the control is used for. Currently we support setting only one type of solution at creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the moment. If no solution type is provided at creation time, will default to SOLUTION_TYPE_SEARCH.",
           "items": {
             "enum": [
               "SOLUTION_TYPE_UNSPECIFIED",
@@ -3458,7 +3691,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaExportMetadata": {
-      "description": "Metadata related to the progress of the Export operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Export operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2betaExportMetadata",
       "properties": {
         "createTime": {
@@ -3537,11 +3770,11 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaGcsSource": {
-      "description": "Google Cloud Storage location for input content. format.",
+      "description": "Google Cloud Storage location for input content.",
       "id": "GoogleCloudRetailV2betaGcsSource",
       "properties": {
         "dataSchema": {
-          "description": "The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * 'control' (default): One JSON Control per line. Supported values for catalog attribute imports: * 'catalog_attribute' (default): One CSV CatalogAttribute per line.",
+          "description": "The schema to use when parsing the data from the source. Supported values for product imports: * `product` (default): One JSON Product per line. Each product must have a valid Product.id. * `product_merchant_center`: See [Importing catalog data from Merchant Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). Supported values for user events imports: * `user_event` (default): One JSON UserEvent per line. * `user_event_ga360`: Using https://support.google.com/analytics/answer/3437719. Supported values for control imports: * `control` (default): One JSON Control per line. Supported values for catalog attribute imports: * `catalog_attribute` (default): One CSV CatalogAttribute per line.",
           "type": "string"
         },
         "inputUris": {
@@ -3604,7 +3837,7 @@
           "description": "Required. The desired input location of the data."
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         }
       },
@@ -3629,14 +3862,14 @@
       "id": "GoogleCloudRetailV2betaImportErrorsConfig",
       "properties": {
         "gcsPrefix": {
-          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors will be written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
+          "description": "Google Cloud Storage prefix for import errors. This must be an empty, existing Cloud Storage directory. Import errors are written to sharded files in this directory, one per line, as a JSON-encoded `google.rpc.Status` message.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "GoogleCloudRetailV2betaImportMetadata": {
-      "description": "Metadata related to the progress of the Import operation. This will be returned by the google.longrunning.Operation.metadata field.",
+      "description": "Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field.",
       "id": "GoogleCloudRetailV2betaImportMetadata",
       "properties": {
         "createTime": {
@@ -3650,7 +3883,7 @@
           "type": "string"
         },
         "notificationPubsubTopic": {
-          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
+          "description": "Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`.",
           "type": "string"
         },
         "requestId": {
@@ -3683,7 +3916,7 @@
           "description": "Required. The desired input location of the data."
         },
         "notificationPubsubTopic": {
-          "description": "Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification will be sent to specified Pub/Sub topic. The message data will be JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.",
+          "description": "Full Pub/Sub topic name for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. It has to be within the same project as ImportProductsRequest.parent. Make sure that `service-@gcp-sa-retail.iam.gserviceaccount.com` has the `pubsub.topics.publish` IAM permission on the topic.",
           "type": "string"
         },
         "reconciliationMode": {
@@ -3705,7 +3938,7 @@
           "type": "string"
         },
         "updateMask": {
-          "description": "Indicates which fields in the provided imported 'products' to update. If not set, will by default update all fields.",
+          "description": "Indicates which fields in the provided imported `products` to update. If not set, all fields are updated.",
           "format": "google-fieldmask",
           "type": "string"
         }
@@ -3830,6 +4063,24 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2betaListModelsResponse": {
+      "description": "Response to a ListModelRequest.",
+      "id": "GoogleCloudRetailV2betaListModelsResponse",
+      "properties": {
+        "models": {
+          "description": "List of Models.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2betaModel"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "Pagination token, if not returned indicates the last page.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2betaListProductsResponse": {
       "description": "Response message for ProductService.ListProducts method.",
       "id": "GoogleCloudRetailV2betaListProductsResponse",
@@ -3940,6 +4191,150 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2betaModel": {
+      "description": "Metadata that describes the training and serving parameters of a Model. A Model can be associated with a ServingConfig and then queried through the Predict API.",
+      "id": "GoogleCloudRetailV2betaModel",
+      "properties": {
+        "createTime": {
+          "description": "Output only. Timestamp the Recommendation Model was created at.",
+          "format": "google-datetime",
+          "readOnly": true,
+          "type": "string"
+        },
+        "dataState": {
+          "description": "Output only. The state of data requirements for this model: `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained if the data is in `DATA_ERROR` state. Recommendation model can have `DATA_ERROR` state even if serving state is `ACTIVE`: models were trained successfully before, but cannot be refreshed because model no longer has sufficient data for training.",
+          "enum": [
+            "DATA_STATE_UNSPECIFIED",
+            "DATA_OK",
+            "DATA_ERROR"
+          ],
+          "enumDescriptions": [
+            "Unspecified default value, should never be explicitly set.",
+            "The model has sufficient training data.",
+            "The model does not have sufficient training data. Error messages can be queried via Stackdriver."
+          ],
+          "readOnly": true,
+          "type": "string"
+        },
+        "displayName": {
+          "description": "Required. The display name of the model. Should be human readable, used to display Recommendation Models in the Retail Cloud Console Dashboard. UTF-8 encoded string with limit of 1024 characters.",
+          "type": "string"
+        },
+        "filteringOption": {
+          "description": "Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model.",
+          "enum": [
+            "RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED",
+            "RECOMMENDATIONS_FILTERING_DISABLED",
+            "RECOMMENDATIONS_FILTERING_ENABLED"
+          ],
+          "enumDescriptions": [
+            "Value used when unset. In this case, server behavior defaults to RECOMMENDATIONS_FILTERING_DISABLED.",
+            "Recommendation filtering is disabled.",
+            "Recommendation filtering is enabled."
+          ],
+          "type": "string"
+        },
+        "lastTuneTime": {
+          "description": "Output only. The timestamp when the latest successful tune finished.",
+          "format": "google-datetime",
+          "readOnly": true,
+          "type": "string"
+        },
+        "name": {
+          "description": "Required. The fully qualified resource name of the model. Format: `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` catalog_id has char limit of 50. recommendation_model_id has char limit of 40.",
+          "type": "string"
+        },
+        "optimizationObjective": {
+          "description": "Optional. The optimization objective e.g. `cvr`. Currently supported values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we choose default based on model type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` `frequently-bought-together` => `revenue_per_order`",
+          "type": "string"
+        },
+        "periodicTuningState": {
+          "description": "Optional. The state of periodic tuning. The period we use is 3 months - to do a one-off tune earlier use the `TuneModel` method. Default value is `PERIODIC_TUNING_ENABLED`.",
+          "enum": [
+            "PERIODIC_TUNING_STATE_UNSPECIFIED",
+            "PERIODIC_TUNING_DISABLED",
+            "ALL_TUNING_DISABLED",
+            "PERIODIC_TUNING_ENABLED"
+          ],
+          "enumDescriptions": [
+            "Unspecified default value, should never be explicitly set.",
+            "The model has periodic tuning disabled. Tuning can be reenabled by calling the `EnableModelPeriodicTuning` method or by calling the `TuneModel` method.",
+            "The model cannot be tuned with periodic tuning OR the `TuneModel` method. Hide the options in customer UI and reject any requests through the backend self serve API.",
+            "The model has periodic tuning enabled. Tuning can be disabled by calling the `DisableModelPeriodicTuning` method."
+          ],
+          "type": "string"
+        },
+        "servingConfigLists": {
+          "description": "Output only. The list of valid serving configs associated with the PageOptimizationConfig.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2betaModelServingConfigList"
+          },
+          "readOnly": true,
+          "type": "array"
+        },
+        "servingState": {
+          "description": "Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.",
+          "enum": [
+            "SERVING_STATE_UNSPECIFIED",
+            "INACTIVE",
+            "ACTIVE",
+            "TUNED"
+          ],
+          "enumDescriptions": [
+            "Unspecified serving state.",
+            "The model is not serving.",
+            "The model is serving and can be queried.",
+            "The model is trained on tuned hyperparameters and can be queried."
+          ],
+          "readOnly": true,
+          "type": "string"
+        },
+        "trainingState": {
+          "description": "Optional. The training state that the model is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train model in order to control cost. If not specified: the default value for `CreateModel` method is `TRAINING`. The default value for `UpdateModel` method is to keep the state the same as before.",
+          "enum": [
+            "TRAINING_STATE_UNSPECIFIED",
+            "PAUSED",
+            "TRAINING"
+          ],
+          "enumDescriptions": [
+            "Unspecified training state.",
+            "The model training is paused.",
+            "The model is training."
+          ],
+          "type": "string"
+        },
+        "tuningOperation": {
+          "description": "Output only. The tune operation associated with the model. Can be used to determine if there is an ongoing tune for this recommendation. Empty field implies no tune is goig on.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "type": {
+          "description": "Required. The type of model e.g. `home-page`. Currently supported values: `recommended-for-you`, `others-you-may-like`, `frequently-bought-together`, `page-optimization`, `similar-items`, `buy-it-again`, and `recently-viewed`(readonly value).",
+          "type": "string"
+        },
+        "updateTime": {
+          "description": "Output only. Timestamp the Recommendation Model was last updated. E.g. if a Recommendation Model was paused - this would be the time the pause was initiated.",
+          "format": "google-datetime",
+          "readOnly": true,
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudRetailV2betaModelServingConfigList": {
+      "description": "Represents an ordered combination of valid serving configs, which can be used for `PAGE_OPTIMIZATION` recommendations.",
+      "id": "GoogleCloudRetailV2betaModelServingConfigList",
+      "properties": {
+        "servingConfigIds": {
+          "description": "Optional. A set of valid serving configs that may be used for `PAGE_OPTIMIZATION`.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudRetailV2betaOutputResult": {
       "description": "Output result.",
       "id": "GoogleCloudRetailV2betaOutputResult",
@@ -3954,6 +4349,12 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2betaPauseModelRequest": {
+      "description": "Request for pausing training of a model.",
+      "id": "GoogleCloudRetailV2betaPauseModelRequest",
+      "properties": {},
+      "type": "object"
+    },
     "GoogleCloudRetailV2betaPredictRequest": {
       "description": "Request message for Predict method.",
       "id": "GoogleCloudRetailV2betaPredictRequest",
@@ -4150,7 +4551,7 @@
           "type": "array"
         },
         "categories": {
-          "description": "Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). For example, if a shoes product belongs to both [\"Shoes & Accessories\" -> \"Shoes\"] and [\"Sports & Fitness\" -> \"Athletic Clothing\" -> \"Shoes\"], it could be represented as: \"categories\": [ \"Shoes & Accessories > Shoes\", \"Sports & Fitness > Athletic Clothing > Shoes\" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436",
+          "description": "Product categories. This field is repeated for supporting one product belonging to several parallel categories. Strongly recommended using the full path for better search / recommendation quality. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). For example, if a shoes product belongs to both [\"Shoes & Accessories\" -> \"Shoes\"] and [\"Sports & Fitness\" -> \"Athletic Clothing\" -> \"Shoes\"], it could be represented as: \"categories\": [ \"Shoes & Accessories > Shoes\", \"Sports & Fitness > Athletic Clothing > Shoes\" ] Must be set for Type.PRIMARY Product otherwise an INVALID_ARGUMENT error is returned. At most 250 values are allowed per Product. Empty values are not allowed. Each value must be a UTF-8 encoded string with a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property google_product_category. Schema.org property [Product.category] (https://schema.org/category). [mc_google_product_category]: https://support.google.com/merchants/answer/6324436",
           "items": {
             "type": "string"
           },
@@ -4209,6 +4610,14 @@
           "description": "Language of the title/description and other string attributes. Use language tags defined by [BCP 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). For product prediction, this field is ignored and the model automatically detects the text language. The Product can include text in different languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to \"en-US\" if unset.",
           "type": "string"
         },
+        "localInventories": {
+          "description": "Output only. A list of local inventories specific to different places. This is only available for users who have Retail Search enabled, and it can be managed by AddLocalInventories and RemoveLocalInventories APIs.",
+          "items": {
+            "$ref": "GoogleCloudRetailV2betaLocalInventory"
+          },
+          "readOnly": true,
+          "type": "array"
+        },
         "materials": {
           "description": "The material of the product. For example, \"leather\", \"wooden\". A maximum of 20 values are allowed. Each value must be a UTF-8 encoded string with a length limit of 200 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property [material](https://support.google.com/merchants/answer/6324410). Schema.org property [Product.material](https://schema.org/material).",
           "items": {
@@ -4474,7 +4883,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaRejoinUserEventsMetadata": {
-      "description": "Metadata for RejoinUserEvents method.",
+      "description": "Metadata for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2betaRejoinUserEventsMetadata",
       "properties": {},
       "type": "object"
@@ -4484,7 +4893,7 @@
       "id": "GoogleCloudRetailV2betaRejoinUserEventsRequest",
       "properties": {
         "userEventRejoinScope": {
-          "description": "The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to USER_EVENT_REJOIN_SCOPE_UNSPECIFIED if this field is not set, or set to an invalid integer value.",
+          "description": "The type of the user event rejoin to define the scope and range of the user events to be rejoined with the latest product catalog. Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is not set, or set to an invalid integer value.",
           "enum": [
             "USER_EVENT_REJOIN_SCOPE_UNSPECIFIED",
             "JOINED_EVENTS",
@@ -4501,7 +4910,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaRejoinUserEventsResponse": {
-      "description": "Response message for RejoinUserEvents method.",
+      "description": "Response message for `RejoinUserEvents` method.",
       "id": "GoogleCloudRetailV2betaRejoinUserEventsResponse",
       "properties": {
         "rejoinedUserEventsCount": {
@@ -4624,8 +5033,14 @@
       },
       "type": "object"
     },
+    "GoogleCloudRetailV2betaResumeModelRequest": {
+      "description": "Request for resuming training of a model.",
+      "id": "GoogleCloudRetailV2betaResumeModelRequest",
+      "properties": {},
+      "type": "object"
+    },
     "GoogleCloudRetailV2betaRule": {
-      "description": "A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently only boost rules are supported. Currently only supported by the search endpoint.",
+      "description": "A rule is a condition-action pair * A condition defines when a rule is to be triggered. * An action specifies what occurs on that trigger. Currently rules only work for controls with SOLUTION_TYPE_SEARCH.",
       "id": "GoogleCloudRetailV2betaRule",
       "properties": {
         "boostAction": {
@@ -4859,7 +5274,7 @@
           "type": "string"
         },
         "pageCategories": {
-          "description": "The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"].",
+          "description": "The categories associated with a category page. Required for category navigation queries to achieve good search quality. The format should be the same as UserEvent.page_categories; To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"].",
           "items": {
             "type": "string"
           },
@@ -4876,7 +5291,7 @@
         },
         "personalizationSpec": {
           "$ref": "GoogleCloudRetailV2betaSearchRequestPersonalizationSpec",
-          "description": "The specification for personalization."
+          "description": "The specification for personalization. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec."
         },
         "query": {
           "description": "Raw search query. If this field is empty, the request is considered a category browsing request and returned results are based on filter and page_categories.",
@@ -4894,9 +5309,9 @@
             "FACETED_SEARCH_ONLY"
           ],
           "enumDescriptions": [
-            "Default value. In this case both product search and faceted search will be performed. Both [SearchResponse.SearchResult] and [SearchResponse.Facet] will be returned.",
-            "Only product search will be performed. The faceted search will be disabled. Only [SearchResponse.SearchResult] will be returned. [SearchResponse.Facet] will not be returned, even if SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is set.",
-            "Only faceted search will be performed. The product search will be disabled. When in this mode, one or both of SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec should be set. Otherwise, an INVALID_ARGUMENT error is returned. Only [SearchResponse.Facet] will be returned. [SearchResponse.SearchResult] will not be returned."
+            "Default value. In this case both product search and faceted search will be performed. Both SearchResponse.SearchResult and SearchResponse.Facet will be returned.",
+            "Only product search will be performed. The faceted search will be disabled. Only SearchResponse.SearchResult will be returned. SearchResponse.Facet will not be returned, even if SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is set.",
+            "Only faceted search will be performed. The product search will be disabled. When in this mode, one or both of SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec should be set. Otherwise, an INVALID_ARGUMENT error is returned. Only SearchResponse.Facet will be returned. SearchResponse.SearchResult will not be returned."
           ],
           "type": "string"
         },
@@ -5297,7 +5712,7 @@
       "type": "object"
     },
     "GoogleCloudRetailV2betaServingConfig": {
-      "description": "Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions). The ServingConfig is passed in the search and predict request and together with the Catalog.default_branch, generates results.",
+      "description": "Configures metadata that is used to generate serving time results (e.g. search results or recommendation predictions).",
       "id": "GoogleCloudRetailV2betaServingConfig",
       "properties": {
         "boostControlIds": {
@@ -5312,7 +5727,21 @@
           "type": "string"
         },
         "diversityLevel": {
-          "description": "How much diversity to use in recommendation model results e.g. 'medium-diversity' or 'high-diversity'. Currently supported values: * 'no-diversity' * 'low-diversity' * 'medium-diversity' * 'high-diversity' * 'auto-diversity' If not specified, we choose default based on recommendation model type. Default value: 'no-diversity'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "How much diversity to use in recommendation model results e.g. `medium-diversity` or `high-diversity`. Currently supported values: * `no-diversity` * `low-diversity` * `medium-diversity` * `high-diversity` * `auto-diversity` If not specified, we choose default based on recommendation model type. Default value: `no-diversity`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "type": "string"
+        },
+        "diversityType": {
+          "description": "What kind of diversity to use - data driven or rule based.",
+          "enum": [
+            "DIVERSITY_TYPE_UNSPECIFIED",
+            "RULE_BASED_DIVERSITY",
+            "DATA_DRIVEN_DIVERSITY"
+          ],
+          "enumDescriptions": [
+            "Default value.",
+            "Rule based diversity.",
+            "Data driven diversity."
+          ],
           "type": "string"
         },
         "doNotAssociateControlIds": {
@@ -5327,7 +5756,7 @@
           "description": "The specification for dynamically generated facets. Notice that only textual facets can be dynamically generated. Can only be set if solution_types is SOLUTION_TYPE_SEARCH."
         },
         "enableCategoryFilterLevel": {
-          "description": "Whether to add additional category filters on the 'similar-items' model. If not specified, we enable it by default. Allowed values are: * 'no-category-match': No additional filtering of original results from the model and the customer's filters. * 'relaxed-category-match': Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "Whether to add additional category filters on the `similar-items` model. If not specified, we enable it by default. Allowed values are: * `no-category-match`: No additional filtering of original results from the model and the customer's filters. * `relaxed-category-match`: Only keep results with categories that match at least one item categories in the PredictRequests's context item. * If customer also sends filters in the PredictRequest, then the results will satisfy both conditions (user given and category match). Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
           "type": "string"
         },
         "facetControlIds": {
@@ -5352,7 +5781,7 @@
           "type": "array"
         },
         "modelId": {
-          "description": "The id of the model to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "The id of the model in the same Catalog to use at serving time. Currently only RecommendationModels are supported: https://cloud.google.com/retail/recommendations-ai/docs/create-models Can be changed but only to a compatible model (e.g. others-you-may-like CTR to others-you-may-like CVR). Required when solution_types is SOLUTION_TYPE_RECOMMENDATION.",
           "type": "string"
         },
         "name": {
@@ -5366,8 +5795,12 @@
           },
           "type": "array"
         },
+        "personalizationSpec": {
+          "$ref": "GoogleCloudRetailV2betaSearchRequestPersonalizationSpec",
+          "description": "The specification for personalization spec. Can only be set if solution_types is SOLUTION_TYPE_SEARCH. Notice that if both ServingConfig.personalization_spec and SearchRequest.personalization_spec are set. SearchRequest.personalization_spec will override ServingConfig.personalization_spec."
+        },
         "priceRerankingLevel": {
-          "description": "How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * 'no-price-reranking' * 'low-price-raranking' * 'medium-price-reranking' * 'high-price-reranking' If not specified, we choose default based on model type. Default value: 'no-price-reranking'. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
+          "description": "How much price ranking we want in serving results. Price reranking causes product items with a similar recommendation probability to be ordered by price, with the highest-priced items first. This setting could result in a decrease in click-through and conversion rates. Allowed values are: * `no-price-reranking` * `low-price-raranking` * `medium-price-reranking` * `high-price-reranking` If not specified, we choose default based on model type. Default value: `no-price-reranking`. Can only be set if solution_types is SOLUTION_TYPE_RECOMMENDATION.",
           "type": "string"
         },
         "redirectControlIds": {
@@ -5467,6 +5900,12 @@
       "properties": {},
       "type": "object"
     },
+    "GoogleCloudRetailV2betaTuneModelRequest": {
+      "description": "Request to manually start a tuning process now (instead of waiting for the periodically scheduled tuning to happen).",
+      "id": "GoogleCloudRetailV2betaTuneModelRequest",
+      "properties": {},
+      "type": "object"
+    },
     "GoogleCloudRetailV2betaUserEvent": {
       "description": "UserEvent captures all metadata information Retail API needs to know about how end users interact with customers' website.",
       "id": "GoogleCloudRetailV2betaUserEvent",
@@ -5520,7 +5959,7 @@
           "type": "string"
         },
         "pageCategories": {
-          "description": "The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, please replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.",
+          "description": "The categories associated with a category page. To represent full path of category, use '>' sign to separate different hierarchies. If '>' is part of the category name, replace it with other character(s). Category pages include special pages such as sales or promotions. For instance, a special sale page may have the category hierarchy: \"pageCategories\" : [\"Sales > 2017 Black Friday Deals\"]. Required for `category-page-view` events. At least one of search_query or page_categories is required for `search` events. Other event types should not set this field. Otherwise, an INVALID_ARGUMENT error is returned.",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/run.v1.json b/googleapiclient/discovery_cache/documents/run.v1.json
index 4a1ece8740a..39e6d462645 100644
--- a/googleapiclient/discovery_cache/documents/run.v1.json
+++ b/googleapiclient/discovery_cache/documents/run.v1.json
@@ -159,7 +159,7 @@
               ],
               "parameters": {
                 "name": {
-                  "description": "The name of the configuration to retrieve. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number.",
+                  "description": "The name of the configuration to retrieve. For Cloud Run, replace {namespace_id} with the project ID or number.",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+/configurations/[^/]+$",
                   "required": true,
@@ -189,12 +189,12 @@
                   "type": "string"
                 },
                 "fieldSelector": {
-                  "description": "Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.",
+                  "description": "Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "includeUninitialized": {
-                  "description": "Not currently used by Cloud Run.",
+                  "description": "Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 },
@@ -204,25 +204,25 @@
                   "type": "string"
                 },
                 "limit": {
-                  "description": "Optional. The maximum number of records that should be returned.",
+                  "description": "Optional. The maximum number of the records that should be returned.",
                   "format": "int32",
                   "location": "query",
                   "type": "integer"
                 },
                 "parent": {
-                  "description": "The namespace from which the configurations should be listed. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number.",
+                  "description": "The namespace from which the configurations should be listed. For Cloud Run, replace {namespace_id} with the project ID or number.",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+$",
                   "required": true,
                   "type": "string"
                 },
                 "resourceVersion": {
-                  "description": "The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.",
+                  "description": "Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "watch": {
-                  "description": "Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.",
+                  "description": "Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 }
@@ -304,7 +304,7 @@
                   "type": "string"
                 },
                 "propagationPolicy": {
-                  "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
+                  "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.",
                   "location": "query",
                   "type": "string"
                 }
@@ -343,7 +343,7 @@
               ]
             },
             "list": {
-              "description": "List domain mappings.",
+              "description": "List all domain mappings.",
               "flatPath": "apis/domains.cloudrun.com/v1/namespaces/{namespacesId}/domainmappings",
               "httpMethod": "GET",
               "id": "run.namespaces.domainmappings.list",
@@ -462,7 +462,7 @@
                   "type": "string"
                 },
                 "propagationPolicy": {
-                  "description": "Optional. Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
+                  "description": "Optional. Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see http://kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
                   "location": "query",
                   "type": "string"
                 }
@@ -515,12 +515,12 @@
                   "type": "string"
                 },
                 "fieldSelector": {
-                  "description": "Optional. Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "includeUninitialized": {
-                  "description": "Optional. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 },
@@ -530,7 +530,7 @@
                   "type": "string"
                 },
                 "limit": {
-                  "description": "Optional. The maximum number of records that should be returned.",
+                  "description": "Optional. The maximum number of the records that should be returned.",
                   "format": "int32",
                   "location": "query",
                   "type": "integer"
@@ -543,12 +543,12 @@
                   "type": "string"
                 },
                 "resourceVersion": {
-                  "description": "Optional. The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "watch": {
-                  "description": "Optional. Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 }
@@ -673,12 +673,12 @@
                   "type": "string"
                 },
                 "fieldSelector": {
-                  "description": "Optional. Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "includeUninitialized": {
-                  "description": "Optional. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 },
@@ -701,12 +701,12 @@
                   "type": "string"
                 },
                 "resourceVersion": {
-                  "description": "Optional. The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "watch": {
-                  "description": "Optional. Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 }
@@ -729,7 +729,7 @@
               ],
               "parameters": {
                 "name": {
-                  "description": "Required. The name of the service being replaced. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                  "description": "Required. The name of the job being replaced. Replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+/jobs/[^/]+$",
                   "required": true,
@@ -811,7 +811,7 @@
                   "type": "string"
                 },
                 "propagationPolicy": {
-                  "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
+                  "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see https://kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.",
                   "location": "query",
                   "type": "string"
                 }
@@ -1005,7 +1005,7 @@
         "services": {
           "methods": {
             "create": {
-              "description": "Create a service.",
+              "description": "Creates a new Service. Service creation will trigger a new deployment. Use GetService, and check service.status to determine if the Service is ready.",
               "flatPath": "apis/serving.knative.dev/v1/namespaces/{namespacesId}/services",
               "httpMethod": "POST",
               "id": "run.namespaces.services.create",
@@ -1019,7 +1019,7 @@
                   "type": "string"
                 },
                 "parent": {
-                  "description": "The namespace in which the service should be created. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                  "description": "The resource's parent. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}`",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+$",
                   "required": true,
@@ -1038,7 +1038,7 @@
               ]
             },
             "delete": {
-              "description": "Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.",
+              "description": "Deletes the provided service. This will cause the Service to stop serving traffic and will delete all associated Revisions.",
               "flatPath": "apis/serving.knative.dev/v1/namespaces/{namespacesId}/services/{servicesId}",
               "httpMethod": "DELETE",
               "id": "run.namespaces.services.delete",
@@ -1047,7 +1047,7 @@
               ],
               "parameters": {
                 "apiVersion": {
-                  "description": "Cloud Run currently ignores this parameter.",
+                  "description": "Not supported, and ignored by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
@@ -1057,19 +1057,19 @@
                   "type": "string"
                 },
                 "kind": {
-                  "description": "Cloud Run currently ignores this parameter.",
+                  "description": "Not supported, and ignored by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "name": {
-                  "description": "The name of the service to delete. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                  "description": "The fully qualified name of the service to delete. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}`",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+/services/[^/]+$",
                   "required": true,
                   "type": "string"
                 },
                 "propagationPolicy": {
-                  "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
+                  "description": "Not supported, and ignored by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 }
@@ -1083,7 +1083,7 @@
               ]
             },
             "get": {
-              "description": "Get information about a service.",
+              "description": "Gets information about a service.",
               "flatPath": "apis/serving.knative.dev/v1/namespaces/{namespacesId}/services/{servicesId}",
               "httpMethod": "GET",
               "id": "run.namespaces.services.get",
@@ -1092,7 +1092,7 @@
               ],
               "parameters": {
                 "name": {
-                  "description": "The name of the service to retrieve. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                  "description": "The fully qualified name of the service to retrieve. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}`",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+/services/[^/]+$",
                   "required": true,
@@ -1108,7 +1108,7 @@
               ]
             },
             "list": {
-              "description": "List services.",
+              "description": "Lists services for the given project and region.",
               "flatPath": "apis/serving.knative.dev/v1/namespaces/{namespacesId}/services",
               "httpMethod": "GET",
               "id": "run.namespaces.services.list",
@@ -1122,12 +1122,12 @@
                   "type": "string"
                 },
                 "fieldSelector": {
-                  "description": "Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.",
+                  "description": "Not supported, and ignored by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "includeUninitialized": {
-                  "description": "Not currently used by Cloud Run.",
+                  "description": "Not supported, and ignored by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 },
@@ -1143,19 +1143,19 @@
                   "type": "integer"
                 },
                 "parent": {
-                  "description": "The namespace from which the services should be listed. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                  "description": "The parent from where the resources should be listed. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}`",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+$",
                   "required": true,
                   "type": "string"
                 },
                 "resourceVersion": {
-                  "description": "The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.",
+                  "description": "Not supported, and ignored by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "watch": {
-                  "description": "Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.",
+                  "description": "Not supported, and ignored by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 }
@@ -1169,7 +1169,7 @@
               ]
             },
             "replaceService": {
-              "description": "Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.",
+              "description": "Replaces a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.",
               "flatPath": "apis/serving.knative.dev/v1/namespaces/{namespacesId}/services/{servicesId}",
               "httpMethod": "PUT",
               "id": "run.namespaces.services.replaceService",
@@ -1183,7 +1183,7 @@
                   "type": "string"
                 },
                 "name": {
-                  "description": "The name of the service being replaced. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                  "description": "The fully qualified name of the service to replace. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}`",
                   "location": "path",
                   "pattern": "^namespaces/[^/]+/services/[^/]+$",
                   "required": true,
@@ -1245,12 +1245,12 @@
                   "type": "string"
                 },
                 "fieldSelector": {
-                  "description": "Optional. Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "includeUninitialized": {
-                  "description": "Optional. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 },
@@ -1273,12 +1273,12 @@
                   "type": "string"
                 },
                 "resourceVersion": {
-                  "description": "Optional. The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "string"
                 },
                 "watch": {
-                  "description": "Optional. Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.",
+                  "description": "Optional. Not supported by Cloud Run.",
                   "location": "query",
                   "type": "boolean"
                 }
@@ -1434,7 +1434,7 @@
                   ],
                   "parameters": {
                     "name": {
-                      "description": "The name of the configuration to retrieve. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number.",
+                      "description": "The name of the configuration to retrieve. For Cloud Run, replace {namespace_id} with the project ID or number.",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+/configurations/[^/]+$",
                       "required": true,
@@ -1464,12 +1464,12 @@
                       "type": "string"
                     },
                     "fieldSelector": {
-                      "description": "Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.",
+                      "description": "Not supported by Cloud Run.",
                       "location": "query",
                       "type": "string"
                     },
                     "includeUninitialized": {
-                      "description": "Not currently used by Cloud Run.",
+                      "description": "Not supported by Cloud Run.",
                       "location": "query",
                       "type": "boolean"
                     },
@@ -1479,25 +1479,25 @@
                       "type": "string"
                     },
                     "limit": {
-                      "description": "Optional. The maximum number of records that should be returned.",
+                      "description": "Optional. The maximum number of the records that should be returned.",
                       "format": "int32",
                       "location": "query",
                       "type": "integer"
                     },
                     "parent": {
-                      "description": "The namespace from which the configurations should be listed. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number.",
+                      "description": "The namespace from which the configurations should be listed. For Cloud Run, replace {namespace_id} with the project ID or number.",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+$",
                       "required": true,
                       "type": "string"
                     },
                     "resourceVersion": {
-                      "description": "The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.",
+                      "description": "Not supported by Cloud Run.",
                       "location": "query",
                       "type": "string"
                     },
                     "watch": {
-                      "description": "Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.",
+                      "description": "Not supported by Cloud Run.",
                       "location": "query",
                       "type": "boolean"
                     }
@@ -1579,7 +1579,7 @@
                       "type": "string"
                     },
                     "propagationPolicy": {
-                      "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
+                      "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.",
                       "location": "query",
                       "type": "string"
                     }
@@ -1618,7 +1618,7 @@
                   ]
                 },
                 "list": {
-                  "description": "List domain mappings.",
+                  "description": "List all domain mappings.",
                   "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/domainmappings",
                   "httpMethod": "GET",
                   "id": "run.projects.locations.domainmappings.list",
@@ -1805,7 +1805,7 @@
                       "type": "string"
                     },
                     "propagationPolicy": {
-                      "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
+                      "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see https://kubernetes.io/docs/concepts/architecture/garbage-collection/ for more information.",
                       "location": "query",
                       "type": "string"
                     }
@@ -1999,7 +1999,7 @@
             "services": {
               "methods": {
                 "create": {
-                  "description": "Create a service.",
+                  "description": "Creates a new Service. Service creation will trigger a new deployment. Use GetService, and check service.status to determine if the Service is ready.",
                   "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/services",
                   "httpMethod": "POST",
                   "id": "run.projects.locations.services.create",
@@ -2013,7 +2013,7 @@
                       "type": "string"
                     },
                     "parent": {
-                      "description": "The namespace in which the service should be created. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                      "description": "The resource's parent. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+$",
                       "required": true,
@@ -2032,7 +2032,7 @@
                   ]
                 },
                 "delete": {
-                  "description": "Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.",
+                  "description": "Deletes the provided service. This will cause the Service to stop serving traffic and will delete all associated Revisions.",
                   "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/services/{servicesId}",
                   "httpMethod": "DELETE",
                   "id": "run.projects.locations.services.delete",
@@ -2041,7 +2041,7 @@
                   ],
                   "parameters": {
                     "apiVersion": {
-                      "description": "Cloud Run currently ignores this parameter.",
+                      "description": "Not supported, and ignored by Cloud Run.",
                       "location": "query",
                       "type": "string"
                     },
@@ -2051,19 +2051,19 @@
                       "type": "string"
                     },
                     "kind": {
-                      "description": "Cloud Run currently ignores this parameter.",
+                      "description": "Not supported, and ignored by Cloud Run.",
                       "location": "query",
                       "type": "string"
                     },
                     "name": {
-                      "description": "The name of the service to delete. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                      "description": "The fully qualified name of the service to delete. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+/services/[^/]+$",
                       "required": true,
                       "type": "string"
                     },
                     "propagationPolicy": {
-                      "description": "Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information.",
+                      "description": "Not supported, and ignored by Cloud Run.",
                       "location": "query",
                       "type": "string"
                     }
@@ -2077,7 +2077,7 @@
                   ]
                 },
                 "get": {
-                  "description": "Get information about a service.",
+                  "description": "Gets information about a service.",
                   "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/services/{servicesId}",
                   "httpMethod": "GET",
                   "id": "run.projects.locations.services.get",
@@ -2086,7 +2086,7 @@
                   ],
                   "parameters": {
                     "name": {
-                      "description": "The name of the service to retrieve. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                      "description": "The fully qualified name of the service to retrieve. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+/services/[^/]+$",
                       "required": true,
@@ -2102,7 +2102,7 @@
                   ]
                 },
                 "getIamPolicy": {
-                  "description": "Get the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.",
+                  "description": "Gets the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.",
                   "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/services/{servicesId}:getIamPolicy",
                   "httpMethod": "GET",
                   "id": "run.projects.locations.services.getIamPolicy",
@@ -2133,7 +2133,7 @@
                   ]
                 },
                 "list": {
-                  "description": "List services.",
+                  "description": "Lists services for the given project and region.",
                   "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/services",
                   "httpMethod": "GET",
                   "id": "run.projects.locations.services.list",
@@ -2147,12 +2147,12 @@
                       "type": "string"
                     },
                     "fieldSelector": {
-                      "description": "Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run.",
+                      "description": "Not supported, and ignored by Cloud Run.",
                       "location": "query",
                       "type": "string"
                     },
                     "includeUninitialized": {
-                      "description": "Not currently used by Cloud Run.",
+                      "description": "Not supported, and ignored by Cloud Run.",
                       "location": "query",
                       "type": "boolean"
                     },
@@ -2168,19 +2168,19 @@
                       "type": "integer"
                     },
                     "parent": {
-                      "description": "The namespace from which the services should be listed. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                      "description": "The parent from where the resources should be listed. In Cloud Run, it may be one of the following: * `namespaces/{project_id_or_number}` * `projects/{project_id_or_number}/locations/{region}` * `projects/{project_id_or_number}/regions/{region}`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+$",
                       "required": true,
                       "type": "string"
                     },
                     "resourceVersion": {
-                      "description": "The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run.",
+                      "description": "Not supported, and ignored by Cloud Run.",
                       "location": "query",
                       "type": "string"
                     },
                     "watch": {
-                      "description": "Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run.",
+                      "description": "Not supported, and ignored by Cloud Run.",
                       "location": "query",
                       "type": "boolean"
                     }
@@ -2194,7 +2194,7 @@
                   ]
                 },
                 "replaceService": {
-                  "description": "Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.",
+                  "description": "Replaces a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.",
                   "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/services/{servicesId}",
                   "httpMethod": "PUT",
                   "id": "run.projects.locations.services.replaceService",
@@ -2208,7 +2208,7 @@
                       "type": "string"
                     },
                     "name": {
-                      "description": "The name of the service being replaced. For Cloud Run (fully managed), replace {namespace} with the project ID or number. It takes the form namespaces/{namespace}. For example: namespaces/PROJECT_ID",
+                      "description": "The fully qualified name of the service to replace. It can be any of the following forms: * `namespaces/{project_id_or_number}/services/{service_name}` * `projects/{project_id_or_number}/locations/{region}/services/{service_name}` * `projects/{project_id_or_number}/regions/{region}/services/{service_name}`",
                       "location": "path",
                       "pattern": "^projects/[^/]+/locations/[^/]+/services/[^/]+$",
                       "required": true,
@@ -2289,7 +2289,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220814",
   "rootUrl": "https://run.googleapis.com/",
   "schemas": {
     "Addressable": {
@@ -2394,7 +2394,7 @@
       "type": "object"
     },
     "ConfigMapEnvSource": {
-      "description": "Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.",
+      "description": "Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.",
       "id": "ConfigMapEnvSource",
       "properties": {
         "localObjectReference": {
@@ -2406,18 +2406,18 @@
           "type": "string"
         },
         "optional": {
-          "description": "(Optional) Specify whether the ConfigMap must be defined",
+          "description": "Specify whether the ConfigMap must be defined.",
           "type": "boolean"
         }
       },
       "type": "object"
     },
     "ConfigMapKeySelector": {
-      "description": "Not supported by Cloud Run Selects a key from a ConfigMap.",
+      "description": "Not supported by Cloud Run. Selects a key from a ConfigMap.",
       "id": "ConfigMapKeySelector",
       "properties": {
         "key": {
-          "description": "The key to select.",
+          "description": "Required. The key to select.",
           "type": "string"
         },
         "localObjectReference": {
@@ -2425,18 +2425,18 @@
           "description": "This field should not be used directly as it is meant to be inlined directly into the message. Use the \"name\" field instead."
         },
         "name": {
-          "description": "The ConfigMap to select from.",
+          "description": "Required. The ConfigMap to select from.",
           "type": "string"
         },
         "optional": {
-          "description": "(Optional) Specify whether the ConfigMap or its key must be defined",
+          "description": "Specify whether the ConfigMap or its key must be defined",
           "type": "boolean"
         }
       },
       "type": "object"
     },
     "ConfigMapVolumeSource": {
-      "description": "Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.",
+      "description": "Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.",
       "id": "ConfigMapVolumeSource",
       "properties": {
         "defaultMode": {
@@ -2463,7 +2463,7 @@
       "type": "object"
     },
     "Configuration": {
-      "description": "Configuration represents the \"floating HEAD\" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The \"latest created\" revision's name is available under status, as is the \"latest ready\" revision's name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration",
+      "description": "Configuration represents the \"floating HEAD\" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The \"latest created\" revision's name is available under status, as is the \"latest ready\" revision's name. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#configuration",
       "id": "Configuration",
       "properties": {
         "apiVersion": {
@@ -2505,14 +2505,14 @@
       "id": "ConfigurationStatus",
       "properties": {
         "conditions": {
-          "description": "Conditions communicates information about ongoing/complete reconciliation processes that bring the \"spec\" inline with the observed state of the world.",
+          "description": "Conditions communicate information about ongoing/complete reconciliation processes that bring the \"spec\" inline with the observed state of the world.",
           "items": {
             "$ref": "GoogleCloudRunV1Condition"
           },
           "type": "array"
         },
         "latestCreatedRevisionName": {
-          "description": "LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.",
+          "description": "LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, so for the latest ready revision, use LatestReadyRevisionName.",
           "type": "string"
         },
         "latestReadyRevisionName": {
@@ -2532,50 +2532,51 @@
       "id": "Container",
       "properties": {
         "args": {
-          "description": "(Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell",
+          "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell",
           "items": {
             "type": "string"
           },
           "type": "array"
         },
         "command": {
+          "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell",
           "items": {
             "type": "string"
           },
           "type": "array"
         },
         "env": {
-          "description": "(Optional) List of environment variables to set in the container.",
+          "description": "List of environment variables to set in the container.",
           "items": {
             "$ref": "EnvVar"
           },
           "type": "array"
         },
         "envFrom": {
-          "description": "(Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.",
+          "description": "Not supported by Cloud Run.",
           "items": {
             "$ref": "EnvFromSource"
           },
           "type": "array"
         },
         "image": {
-          "description": "Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images",
+          "description": "Required. URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images",
           "type": "string"
         },
         "imagePullPolicy": {
-          "description": "(Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images",
+          "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images",
           "type": "string"
         },
         "livenessProbe": {
           "$ref": "Probe",
-          "description": "(Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+          "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
         },
         "name": {
-          "description": "(Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names",
+          "description": "Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names",
           "type": "string"
         },
         "ports": {
-          "description": "(Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.",
+          "description": "List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.",
           "items": {
             "$ref": "ContainerPort"
           },
@@ -2583,37 +2584,37 @@
         },
         "readinessProbe": {
           "$ref": "Probe",
-          "description": "(Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+          "description": "Not supported by Cloud Run."
         },
         "resources": {
           "$ref": "ResourceRequirements",
-          "description": "(Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
+          "description": "Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
         },
         "securityContext": {
           "$ref": "SecurityContext",
-          "description": "(Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+          "description": "Not supported by Cloud Run."
         },
         "startupProbe": {
           "$ref": "Probe",
-          "description": "(Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+          "description": "Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not receive traffic if the probe fails. If not provided, a default startup probe with TCP socket action is used. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
         },
         "terminationMessagePath": {
-          "description": "(Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.",
+          "description": "Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.",
           "type": "string"
         },
         "terminationMessagePolicy": {
-          "description": "(Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.",
+          "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.",
           "type": "string"
         },
         "volumeMounts": {
-          "description": "(Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.",
+          "description": "Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.",
           "items": {
             "$ref": "VolumeMount"
           },
           "type": "array"
         },
         "workingDir": {
-          "description": "(Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.",
+          "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.",
           "type": "string"
         }
       },
@@ -2624,16 +2625,16 @@
       "id": "ContainerPort",
       "properties": {
         "containerPort": {
-          "description": "(Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.",
+          "description": "Port number the container listens on. This must be a valid port number, 0 < x < 65536.",
           "format": "int32",
           "type": "integer"
         },
         "name": {
-          "description": "(Optional) If specified, used to specify which protocol to use. Allowed values are \"http1\" and \"h2c\".",
+          "description": "If specified, used to specify which protocol to use. Allowed values are \"http1\" and \"h2c\".",
           "type": "string"
         },
         "protocol": {
-          "description": "(Optional) Protocol for port. Must be \"TCP\". Defaults to \"TCP\".",
+          "description": "Protocol for port. Must be \"TCP\". Defaults to \"TCP\".",
           "type": "string"
         }
       },
@@ -2680,7 +2681,7 @@
           "enumDescriptions": [
             "",
             "Do not provision an HTTPS certificate.",
-            "Automatically provisions an HTTPS certificate via GoogleCA or LetsEncrypt."
+            "Automatically provisions an HTTPS certificate via GoogleCA."
           ],
           "type": "string"
         },
@@ -2723,27 +2724,27 @@
           "type": "array"
         },
         "url": {
-          "description": "Optional. Cloud Run fully managed: not supported Cloud Run on GKE: supported Holds the URL that will serve the traffic of the DomainMapping.",
+          "description": "Optional. Not supported by Cloud Run.",
           "type": "string"
         }
       },
       "type": "object"
     },
     "EnvFromSource": {
-      "description": "Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps",
+      "description": "Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps",
       "id": "EnvFromSource",
       "properties": {
         "configMapRef": {
           "$ref": "ConfigMapEnvSource",
-          "description": "(Optional) The ConfigMap to select from"
+          "description": "The ConfigMap to select from"
         },
         "prefix": {
-          "description": "(Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.",
+          "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.",
           "type": "string"
         },
         "secretRef": {
           "$ref": "SecretEnvSource",
-          "description": "(Optional) The Secret to select from"
+          "description": "The Secret to select from"
         }
       },
       "type": "object"
@@ -2753,16 +2754,16 @@
       "id": "EnvVar",
       "properties": {
         "name": {
-          "description": "Name of the environment variable. Must be a C_IDENTIFIER.",
+          "description": "Required. Name of the environment variable. Must be a C_IDENTIFIER.",
           "type": "string"
         },
         "value": {
-          "description": "(Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".",
+          "description": "Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".",
           "type": "string"
         },
         "valueFrom": {
           "$ref": "EnvVarSource",
-          "description": "(Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty."
+          "description": "Source for the environment variable's value. Only supports secret_key_ref. Cannot be used if value is not empty."
         }
       },
       "type": "object"
@@ -2773,21 +2774,21 @@
       "properties": {
         "configMapKeyRef": {
           "$ref": "ConfigMapKeySelector",
-          "description": "(Optional) Not supported by Cloud Run Selects a key of a ConfigMap."
+          "description": "Not supported by Cloud Run. Selects a key of a ConfigMap."
         },
         "secretKeyRef": {
           "$ref": "SecretKeySelector",
-          "description": "(Optional) Selects a key (version) of a secret in Secret Manager."
+          "description": "Selects a key (version) of a secret in Secret Manager."
         }
       },
       "type": "object"
     },
     "ExecAction": {
-      "description": "Not supported by Cloud Run ExecAction describes a \"run in container\" action.",
+      "description": "Not supported by Cloud Run. ExecAction describes a \"run in container\" action.",
       "id": "ExecAction",
       "properties": {
         "command": {
-          "description": "(Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.",
+          "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.",
           "items": {
             "type": "string"
           },
@@ -2797,28 +2798,28 @@
       "type": "object"
     },
     "Execution": {
-      "description": "Execution represents the configuration of a single execution. A execution an immutable resource that references a container image which is run to completion.",
+      "description": "Execution represents the configuration of a single execution. An execution is an immutable resource that references a container image which is run to completion.",
       "id": "Execution",
       "properties": {
         "apiVersion": {
-          "description": "Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional",
+          "description": "Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
           "type": "string"
         },
         "kind": {
-          "description": "Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional",
+          "description": "Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
           "type": "string"
         },
         "metadata": {
           "$ref": "ObjectMeta",
-          "description": "Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional"
+          "description": "Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata"
         },
         "spec": {
           "$ref": "ExecutionSpec",
-          "description": "Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional"
+          "description": "Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status"
         },
         "status": {
           "$ref": "ExecutionStatus",
-          "description": "Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional",
+          "description": "Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
           "readOnly": true
         }
       },
@@ -2850,12 +2851,12 @@
       "id": "ExecutionSpec",
       "properties": {
         "parallelism": {
-          "description": "Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. +optional",
+          "description": "Optional. Specifies the maximum desired number of tasks the execution should run at given time. Must be <= task_count. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed, i.e. when the work left to do is less than max parallelism.",
           "format": "int32",
           "type": "integer"
         },
         "taskCount": {
-          "description": "Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional",
+          "description": "Optional. Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution.",
           "format": "int32",
           "type": "integer"
         },
@@ -2867,28 +2868,28 @@
       "type": "object"
     },
     "ExecutionStatus": {
-      "description": "ExecutionStatus represents the current state of a Execution.",
+      "description": "ExecutionStatus represents the current state of an Execution.",
       "id": "ExecutionStatus",
       "properties": {
         "cancelledCount": {
-          "description": "Optional. The number of tasks which reached phase Cancelled. +optional",
+          "description": "Optional. The number of tasks which reached phase Cancelled.",
           "format": "int32",
           "type": "integer"
         },
         "completionTime": {
-          "description": "Optional. Represents time when the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional",
+          "description": "Optional. Represents the time that the execution was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional",
           "format": "google-datetime",
           "type": "string"
         },
         "conditions": {
-          "description": "Optional. The latest available observations of an execution's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional",
+          "description": "Optional. The latest available observations of an execution's current state.",
           "items": {
             "$ref": "GoogleCloudRunV1Condition"
           },
           "type": "array"
         },
         "failedCount": {
-          "description": "Optional. The number of tasks which reached phase Failed. +optional",
+          "description": "Optional. The number of tasks which reached phase Failed.",
           "format": "int32",
           "type": "integer"
         },
@@ -2902,22 +2903,22 @@
           "type": "integer"
         },
         "retriedCount": {
-          "description": "Optional. The number of tasks which have retried at least once. +optional",
+          "description": "Optional. The number of tasks which have retried at least once.",
           "format": "int32",
           "type": "integer"
         },
         "runningCount": {
-          "description": "Optional. The number of actively running tasks. +optional",
+          "description": "Optional. The number of actively running tasks.",
           "format": "int32",
           "type": "integer"
         },
         "startTime": {
-          "description": "Optional. Represents time when the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional",
+          "description": "Optional. Represents the time that the execution started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.",
           "format": "google-datetime",
           "type": "string"
         },
         "succeededCount": {
-          "description": "Optional. The number of tasks which reached phase Succeeded. +optional",
+          "description": "Optional. The number of tasks which reached phase Succeeded.",
           "format": "int32",
           "type": "integer"
         }
@@ -2979,7 +2980,7 @@
       "type": "object"
     },
     "GoogleCloudRunV1Condition": {
-      "description": "Condition defines a generic condition for a Resource.",
+      "description": "Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type \"Ready\" or \"Completed\" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.",
       "id": "GoogleCloudRunV1Condition",
       "properties": {
         "lastTransitionTime": {
@@ -2992,11 +2993,11 @@
           "type": "string"
         },
         "reason": {
-          "description": "Optional. One-word CamelCase reason for the condition's last transition.",
+          "description": "Optional. One-word CamelCase reason for the condition's last transition. These are intended to be stable, unique values which the client may use to trigger error handling logic, whereas messages which may be changed later by the server.",
           "type": "string"
         },
         "severity": {
-          "description": "Optional. How to interpret failures of this condition, one of Error, Warning, Info",
+          "description": "Optional. How to interpret this condition. One of Error, Warning, or Info. Conditions of severity Info do not contribute to resource readiness.",
           "type": "string"
         },
         "status": {
@@ -3004,7 +3005,7 @@
           "type": "string"
         },
         "type": {
-          "description": "type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * \"Ready\": True when the Resource is ready.",
+          "description": "type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * \"Ready\" or \"Completed\": True when the Resource is ready.",
           "type": "string"
         }
       },
@@ -3042,22 +3043,22 @@
       "id": "HTTPGetAction",
       "properties": {
         "host": {
-          "description": "(Optional) Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.",
+          "description": "Not supported by Cloud Run.",
           "type": "string"
         },
         "httpHeaders": {
-          "description": "(Optional) Custom headers to set in the request. HTTP allows repeated headers.",
+          "description": "Custom headers to set in the request. HTTP allows repeated headers.",
           "items": {
             "$ref": "HTTPHeader"
           },
           "type": "array"
         },
         "path": {
-          "description": "(Optional) Path to access on the HTTP server.",
+          "description": "Path to access on the HTTP server.",
           "type": "string"
         },
         "scheme": {
-          "description": "(Optional) Scheme to use for connecting to the host. Defaults to HTTP.",
+          "description": "Not supported by Cloud Run.",
           "type": "string"
         }
       },
@@ -3079,28 +3080,28 @@
       "type": "object"
     },
     "Job": {
-      "description": "Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.",
+      "description": "Job represents the configuration of a single job, which references a container image which is run to completion.",
       "id": "Job",
       "properties": {
         "apiVersion": {
-          "description": "Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional",
+          "description": "Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
           "type": "string"
         },
         "kind": {
-          "description": "Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional",
+          "description": "Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
           "type": "string"
         },
         "metadata": {
           "$ref": "ObjectMeta",
-          "description": "Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional"
+          "description": "Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata"
         },
         "spec": {
           "$ref": "JobSpec",
-          "description": "Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional"
+          "description": "Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status"
         },
         "status": {
           "$ref": "JobStatus",
-          "description": "Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional",
+          "description": "Output only. Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
           "readOnly": true
         }
       },
@@ -3122,7 +3123,7 @@
       "id": "JobStatus",
       "properties": {
         "conditions": {
-          "description": "The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/",
+          "description": "The latest available observations of a job's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/",
           "items": {
             "$ref": "GoogleCloudRunV1Condition"
           },
@@ -3334,19 +3335,19 @@
       "type": "object"
     },
     "ListMeta": {
-      "description": "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.",
+      "description": "Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta.",
       "id": "ListMeta",
       "properties": {
         "continue": {
-          "description": "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.",
+          "description": "Continuation token is a value emitted when the count of items is larger than the user/system limit. To retrieve the next page of items, pass the value of `continue` as the next request's `page_token`.",
           "type": "string"
         },
         "resourceVersion": {
-          "description": "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional",
+          "description": "Opaque string that identifies the server's internal version of this object. It can be used by clients to determine when objects have changed. If the message is passed back to the server, it must be left unmodified. https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency",
           "type": "string"
         },
         "selfLink": {
-          "description": "SelfLink is a URL representing this object. Populated by the system. Read-only. +optional",
+          "description": "URL representing this object.",
           "type": "string"
         }
       },
@@ -3423,7 +3424,7 @@
       "id": "ListServicesResponse",
       "properties": {
         "apiVersion": {
-          "description": "The API version for this call such as \"serving.knative.dev/v1\".",
+          "description": "The API version for this call; returns \"serving.knative.dev/v1\".",
           "type": "string"
         },
         "items": {
@@ -3434,7 +3435,7 @@
           "type": "array"
         },
         "kind": {
-          "description": "The kind of this resource, in this case \"ServiceList\".",
+          "description": "The kind of this resource; returns \"ServiceList\".",
           "type": "string"
         },
         "metadata": {
@@ -3442,7 +3443,7 @@
           "description": "Metadata associated with this Service list."
         },
         "unreachable": {
-          "description": "Locations that could not be reached.",
+          "description": "For calls against the global endpoint, returns the list of Cloud locations that could not be reached. For regional calls, this field is not used.",
           "items": {
             "type": "string"
           },
@@ -3485,11 +3486,11 @@
       "type": "object"
     },
     "LocalObjectReference": {
-      "description": "Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.",
+      "description": "Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.",
       "id": "LocalObjectReference",
       "properties": {
         "name": {
-          "description": "(Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+          "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
           "type": "string"
         }
       },
@@ -3537,41 +3538,41 @@
           "additionalProperties": {
             "type": "string"
           },
-          "description": "(Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations",
+          "description": "Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. * `autoscaling.knative.dev/maxScale`: Revision. * `autoscaling.knative.dev/minScale`: Revision. * `run.googleapis.com/binary-authorization-breakglass`: Service, Job, * `run.googleapis.com/binary-authorization`: Service, Job, Execution. * `run.googleapis.com/client-name`: All resources. * `run.googleapis.com/cloudsql-instances`: Revision, Execution. * `run.googleapis.com/cpu-throttling`: Revision. * `run.googleapis.com/custom-audiences`: Service. * `run.googleapis.com/description`: Service. * `run.googleapis.com/encryption-key-shutdown-hours`: Revision * `run.googleapis.com/encryption-key`: Revision, Execution. * `run.googleapis.com/execution-environment`: Revision, Execution. * `run.googleapis.com/gc-traffic-tags`: Service. * `run.googleapis.com/ingress`: Service. * `run.googleapis.com/network-interfaces`: Revision, Execution. * `run.googleapis.com/post-key-revocation-action-type`: Revision. * `run.googleapis.com/secrets`: Revision, Execution. * `run.googleapis.com/secure-session-agent`: Revision. * `run.googleapis.com/sessionAffinity`: Revision. * `run.googleapis.com/startup-cpu-boost`: Revision. * `run.googleapis.com/vpc-access-connector`: Revision, Execution. * `run.googleapis.com/vpc-access-egress`: Revision, Execution. Execution. More info: https://kubernetes.io/docs/user-guide/annotations",
           "type": "object"
         },
         "clusterName": {
-          "description": "(Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.",
+          "description": "Not supported by Cloud Run",
           "type": "string"
         },
         "creationTimestamp": {
-          "description": "(Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+          "description": "UTC timestamp representing the server time when this object was created. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
           "format": "google-datetime",
           "type": "string"
         },
         "deletionGracePeriodSeconds": {
-          "description": "(Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.",
+          "description": "Not supported by Cloud Run",
           "format": "int32",
           "type": "integer"
         },
         "deletionTimestamp": {
-          "description": "(Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+          "description": "The read-only soft deletion timestamp for this resource. In Cloud Run, users are not able to set this field. Instead, they must call the corresponding Delete API.",
           "format": "google-datetime",
           "type": "string"
         },
         "finalizers": {
-          "description": "(Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge",
+          "description": "Not supported by Cloud Run",
           "items": {
             "type": "string"
           },
           "type": "array"
         },
         "generateName": {
-          "description": "(Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;",
+          "description": "Not supported by Cloud Run",
           "type": "string"
         },
         "generation": {
-          "description": "(Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.",
+          "description": "A system-provided sequence number representing a specific generation of the desired state.",
           "format": "int32",
           "type": "integer"
         },
@@ -3579,65 +3580,65 @@
           "additionalProperties": {
             "type": "string"
           },
-          "description": "(Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels",
+          "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/user-guide/labels",
           "type": "object"
         },
         "name": {
-          "description": "Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a namespaces.services.create request, name must contain fewer than 50 characters. +optional",
+          "description": "The immutable name of the resource. In Cloud Run, name is required when creating top-level resources (Service, Job), and must be unique within a Cloud Run project/region. More info: https://kubernetes.io/docs/user-guide/identifiers#names If ObjectMeta is part of a CreateServiceRequest, name must contain fewer than 50 characters. Otherwise,",
           "type": "string"
         },
         "namespace": {
-          "description": "Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number.",
+          "description": "Defines the space within each name must be unique within a Cloud Run region. In Cloud Run, it must be project ID or number.",
           "type": "string"
         },
         "ownerReferences": {
-          "description": "(Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.",
+          "description": "Not supported by Cloud Run",
           "items": {
             "$ref": "OwnerReference"
           },
           "type": "array"
         },
         "resourceVersion": {
-          "description": "Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency",
+          "description": "Optional. Opaque, system-generated value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency",
           "type": "string"
         },
         "selfLink": {
-          "description": "(Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;",
+          "description": "URL representing this object.",
           "type": "string"
         },
         "uid": {
-          "description": "(Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: https://kubernetes.io/docs/user-guide/identifiers#uids",
+          "description": "Unique, system-generated identifier for this resource. More info: https://kubernetes.io/docs/user-guide/identifiers#uids",
           "type": "string"
         }
       },
       "type": "object"
     },
     "OwnerReference": {
-      "description": "OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.",
+      "description": "This is not supported or used by Cloud Run.",
       "id": "OwnerReference",
       "properties": {
         "apiVersion": {
-          "description": "API version of the referent.",
+          "description": "This is not supported or used by Cloud Run.",
           "type": "string"
         },
         "blockOwnerDeletion": {
-          "description": "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional",
+          "description": "This is not supported or used by Cloud Run.",
           "type": "boolean"
         },
         "controller": {
-          "description": "If true, this reference points to the managing controller. +optional",
+          "description": "This is not supported or used by Cloud Run.",
           "type": "boolean"
         },
         "kind": {
-          "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+          "description": "This is not supported or used by Cloud Run.",
           "type": "string"
         },
         "name": {
-          "description": "Name of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#names",
+          "description": "This is not supported or used by Cloud Run.",
           "type": "string"
         },
         "uid": {
-          "description": "UID of the referent. More info: https://kubernetes.io/docs/user-guide/identifiers#uids",
+          "description": "This is not supported or used by Cloud Run.",
           "type": "string"
         }
       },
@@ -3675,47 +3676,47 @@
       "type": "object"
     },
     "Probe": {
-      "description": "Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.",
+      "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.",
       "id": "Probe",
       "properties": {
         "exec": {
           "$ref": "ExecAction",
-          "description": "(Optional) Not supported by Cloud Run One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message."
+          "description": "Not supported by Cloud Run."
         },
         "failureThreshold": {
-          "description": "(Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.",
+          "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.",
           "format": "int32",
           "type": "integer"
         },
         "grpc": {
           "$ref": "GRPCAction",
-          "description": "(Optional) GRPCAction specifies an action involving a GRPC port. A field inlined from the Handler message."
+          "description": "GRPCAction specifies an action involving a GRPC port."
         },
         "httpGet": {
           "$ref": "HTTPGetAction",
-          "description": "(Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message."
+          "description": "HTTPGet specifies the http request to perform."
         },
         "initialDelaySeconds": {
-          "description": "(Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
+          "description": "Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
           "format": "int32",
           "type": "integer"
         },
         "periodSeconds": {
-          "description": "(Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.",
+          "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeout_seconds.",
           "format": "int32",
           "type": "integer"
         },
         "successThreshold": {
-          "description": "(Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.",
+          "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Must be 1 if set.",
           "format": "int32",
           "type": "integer"
         },
         "tcpSocket": {
           "$ref": "TCPSocketAction",
-          "description": "(Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message."
+          "description": "TCPSocket specifies an action involving a TCP port."
         },
         "timeoutSeconds": {
-          "description": "(Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
+          "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
           "format": "int32",
           "type": "integer"
         }
@@ -3761,21 +3762,21 @@
           "additionalProperties": {
             "type": "string"
           },
-          "description": "(Optional) Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go",
+          "description": "Only memory and CPU are supported. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go",
           "type": "object"
         },
         "requests": {
           "additionalProperties": {
             "type": "string"
           },
-          "description": "(Optional) Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go",
+          "description": "Only memory and CPU are supported. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go",
           "type": "object"
         }
       },
       "type": "object"
     },
     "Revision": {
-      "description": "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision",
+      "description": "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#revision",
       "id": "Revision",
       "properties": {
         "apiVersion": {
@@ -3806,23 +3807,23 @@
       "id": "RevisionSpec",
       "properties": {
         "containerConcurrency": {
-          "description": "ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.",
+          "description": "ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run: supported, defaults to 80",
           "format": "int32",
           "type": "integer"
         },
         "containers": {
-          "description": "Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md",
+          "description": "Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/specs/blob/main/specs/serving/runtime-contract.md",
           "items": {
             "$ref": "Container"
           },
           "type": "array"
         },
         "enableServiceLinks": {
-          "description": "Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported, defaults to true.",
+          "description": "Not supported by Cloud Run.",
           "type": "boolean"
         },
         "imagePullSecrets": {
-          "description": "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod Cloud Run fully managed: Not supported. Cloud Run for Anthos: supported.",
+          "description": "Not supported by Cloud Run.",
           "items": {
             "$ref": "LocalObjectReference"
           },
@@ -3833,7 +3834,7 @@
           "type": "string"
         },
         "timeoutSeconds": {
-          "description": "TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator.",
+          "description": "TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour).",
           "format": "int32",
           "type": "integer"
         },
@@ -3893,7 +3894,7 @@
       "type": "object"
     },
     "Route": {
-      "description": "Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for \"latest ready\" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the \"latest ready\" Revision from that Configuration.",
+      "description": "Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for \"latest ready\" revision changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#route Cloud Run currently supports referencing a single Configuration to automatically deploy the \"latest ready\" Revision from that Configuration.",
       "id": "Route",
       "properties": {
         "apiVersion": {
@@ -3954,7 +3955,7 @@
           "type": "integer"
         },
         "traffic": {
-          "description": "Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.",
+          "description": "Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that was last observed.",
           "items": {
             "$ref": "TrafficTarget"
           },
@@ -3974,7 +3975,7 @@
       "type": "object"
     },
     "SecretEnvSource": {
-      "description": "Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables.",
+      "description": "Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables.",
       "id": "SecretEnvSource",
       "properties": {
         "localObjectReference": {
@@ -3986,7 +3987,7 @@
           "type": "string"
         },
         "optional": {
-          "description": "(Optional) Specify whether the Secret must be defined",
+          "description": "Specify whether the Secret must be defined",
           "type": "boolean"
         }
       },
@@ -3997,7 +3998,7 @@
       "id": "SecretKeySelector",
       "properties": {
         "key": {
-          "description": "A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.",
+          "description": "Required. A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.",
           "type": "string"
         },
         "localObjectReference": {
@@ -4009,14 +4010,14 @@
           "type": "string"
         },
         "optional": {
-          "description": "(Optional) Specify whether the Secret or its key must be defined",
+          "description": "Specify whether the Secret or its key must be defined.",
           "type": "boolean"
         }
       },
       "type": "object"
     },
     "SecretVolumeSource": {
-      "description": "The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.",
+      "description": "A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.",
       "id": "SecretVolumeSource",
       "properties": {
         "defaultMode": {
@@ -4025,14 +4026,14 @@
           "type": "integer"
         },
         "items": {
-          "description": "(Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.",
+          "description": "A list of secret versions to mount in the volume. If no items are specified, the volume will expose a file with the same name as the secret name. The contents of the file will be the data in the latest version of the secret. If items are specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify both a key and a path.",
           "items": {
             "$ref": "KeyToPath"
           },
           "type": "array"
         },
         "optional": {
-          "description": "(Optional) Specify whether the Secret or its keys must be defined.",
+          "description": "Not supported by Cloud Run.",
           "type": "boolean"
         },
         "secretName": {
@@ -4043,11 +4044,11 @@
       "type": "object"
     },
     "SecurityContext": {
-      "description": "Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.",
+      "description": "Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.",
       "id": "SecurityContext",
       "properties": {
         "runAsUser": {
-          "description": "(Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+          "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
           "format": "int32",
           "type": "integer"
         }
@@ -4059,24 +4060,24 @@
       "id": "Service",
       "properties": {
         "apiVersion": {
-          "description": "The API version for this call such as \"serving.knative.dev/v1\".",
+          "description": "The API version for this call. It must be \"serving.knative.dev/v1\".",
           "type": "string"
         },
         "kind": {
-          "description": "The kind of resource, in this case \"Service\".",
+          "description": "The kind of resource. It must be \"Service\".",
           "type": "string"
         },
         "metadata": {
           "$ref": "ObjectMeta",
-          "description": "Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal."
+          "description": "Metadata associated with this Service, including name, namespace, labels, and annotations. In Cloud Run, annotations with 'run.googleapis.com/' and 'autoscaling.knative.dev' are restricted, and the accepted annotations will be different depending on the resource type. The following Cloud Run-specific annotations are accepted in Service.metadata.annotations. * `run.googleapis.com/binary-authorization-breakglass` * `run.googleapis.com/binary-authorization` * `run.googleapis.com/client-name` * `run.googleapis.com/custom-audiences` * `run.googleapis.com/description` * `run.googleapis.com/gc-traffic-tags` * `run.googleapis.com/ingress` * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal."
         },
         "spec": {
           "$ref": "ServiceSpec",
-          "description": "Spec holds the desired state of the Service (from the client)."
+          "description": "Holds the desired state of the Service (from the client)."
         },
         "status": {
           "$ref": "ServiceStatus",
-          "description": "Status communicates the observed state of the Service (from the controller)."
+          "description": "Communicates the system-controlled state of the Service."
         }
       },
       "type": "object"
@@ -4087,10 +4088,10 @@
       "properties": {
         "template": {
           "$ref": "RevisionTemplate",
-          "description": "Template holds the latest specification for the Revision to be stamped out."
+          "description": "Holds the latest specification for the Revision to be stamped out."
         },
         "traffic": {
-          "description": "Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations.",
+          "description": "Specifies how to distribute traffic over a collection of Knative Revisions and Configurations to the Service's main URL.",
           "items": {
             "$ref": "TrafficTarget"
           },
@@ -4105,37 +4106,37 @@
       "properties": {
         "address": {
           "$ref": "Addressable",
-          "description": "From RouteStatus. Similar to url, information on where the service is available on HTTP."
+          "description": "Similar to url, information on where the service is available on HTTP."
         },
         "conditions": {
-          "description": "Conditions communicates information about ongoing/complete reconciliation processes that bring the \"spec\" inline with the observed state of the world. Service-specific conditions include: * \"ConfigurationsReady\": true when the underlying Configuration is ready. * \"RoutesReady\": true when the underlying Route is ready. * \"Ready\": true when both the underlying Route and Configuration are ready.",
+          "description": "Communicates information about ongoing/complete reconciliation processes that bring the `spec` inline with the observed state of the world. Service-specific conditions include: * `ConfigurationsReady`: `True` when the underlying Configuration is ready. * `RoutesReady`: `True` when the underlying Route is ready. * `Ready`: `True` when all underlying resources are ready.",
           "items": {
             "$ref": "GoogleCloudRunV1Condition"
           },
           "type": "array"
         },
         "latestCreatedRevisionName": {
-          "description": "From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.",
+          "description": "Name of the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.",
           "type": "string"
         },
         "latestReadyRevisionName": {
-          "description": "From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its \"Ready\" condition become \"True\".",
+          "description": "Name of the latest Revision from this Service's Configuration that has had its `Ready` condition become `True`.",
           "type": "string"
         },
         "observedGeneration": {
-          "description": "ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.",
+          "description": "Returns the generation last fully processed by the system. This will only match metadata.generation when reconciliation is complete. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.",
           "format": "int32",
           "type": "integer"
         },
         "traffic": {
-          "description": "From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.",
+          "description": "Holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.",
           "items": {
             "$ref": "TrafficTarget"
           },
           "type": "array"
         },
         "url": {
-          "description": "From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app",
+          "description": "URL that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app",
           "type": "string"
         }
       },
@@ -4158,32 +4159,32 @@
       "type": "object"
     },
     "Status": {
-      "description": "Status is a return value for calls that don't return other objects",
+      "description": "Status is a return value for calls that don't return other objects.",
       "id": "Status",
       "properties": {
         "code": {
-          "description": "Suggested HTTP return code for this status, 0 if not set. +optional",
+          "description": "Suggested HTTP return code for this status, 0 if not set.",
           "format": "int32",
           "type": "integer"
         },
         "details": {
           "$ref": "StatusDetails",
-          "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional"
+          "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type."
         },
         "message": {
-          "description": "A human-readable description of the status of this operation. +optional",
+          "description": "A human-readable description of the status of this operation.",
           "type": "string"
         },
         "metadata": {
           "$ref": "ListMeta",
-          "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional"
+          "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
         },
         "reason": {
-          "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional",
+          "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.",
           "type": "string"
         },
         "status": {
-          "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional",
+          "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
           "type": "string"
         }
       },
@@ -4194,15 +4195,15 @@
       "id": "StatusCause",
       "properties": {
         "field": {
-          "description": "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\" +optional",
+          "description": "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"",
           "type": "string"
         },
         "message": {
-          "description": "A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional",
+          "description": "A human-readable description of the cause of the error. This field may be presented as-is to a reader.",
           "type": "string"
         },
         "reason": {
-          "description": "A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional",
+          "description": "A machine-readable description of the cause of the error. If this value is empty there is no information available.",
           "type": "string"
         }
       },
@@ -4213,31 +4214,31 @@
       "id": "StatusDetails",
       "properties": {
         "causes": {
-          "description": "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional",
+          "description": "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.",
           "items": {
             "$ref": "StatusCause"
           },
           "type": "array"
         },
         "group": {
-          "description": "The group attribute of the resource associated with the status StatusReason. +optional",
+          "description": "The group attribute of the resource associated with the status StatusReason.",
           "type": "string"
         },
         "kind": {
-          "description": "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional",
+          "description": "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
           "type": "string"
         },
         "name": {
-          "description": "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional",
+          "description": "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).",
           "type": "string"
         },
         "retryAfterSeconds": {
-          "description": "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional",
+          "description": "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.",
           "format": "int32",
           "type": "integer"
         },
         "uid": {
-          "description": "UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids +optional",
+          "description": "UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/user-guide/identifiers#uids",
           "type": "string"
         }
       },
@@ -4248,11 +4249,11 @@
       "id": "TCPSocketAction",
       "properties": {
         "host": {
-          "description": "(Optional) Optional: Host name to connect to, defaults to the pod IP.",
+          "description": "Not supported by Cloud Run.",
           "type": "string"
         },
         "port": {
-          "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.",
+          "description": "Port number to access on the container. Number must be in the range 1 to 65535.",
           "format": "int32",
           "type": "integer"
         }
@@ -4264,24 +4265,24 @@
       "id": "Task",
       "properties": {
         "apiVersion": {
-          "description": "Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional",
+          "description": "Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
           "type": "string"
         },
         "kind": {
-          "description": "Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional",
+          "description": "Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
           "type": "string"
         },
         "metadata": {
           "$ref": "ObjectMeta",
-          "description": "Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional"
+          "description": "Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata"
         },
         "spec": {
           "$ref": "TaskSpec",
-          "description": "Optional. Specification of the desired behavior of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional"
+          "description": "Optional. Specification of the desired behavior of a task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status"
         },
         "status": {
           "$ref": "TaskStatus",
-          "description": "Output only. Current status of an execution. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional",
+          "description": "Output only. Current status of a task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
           "readOnly": true
         }
       },
@@ -4320,16 +4321,16 @@
           "type": "integer"
         },
         "serviceAccountName": {
-          "description": "Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. +optional",
+          "description": "Optional. Email address of the IAM service account associated with the task of a job execution. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.",
           "type": "string"
         },
         "timeoutSeconds": {
-          "description": "Optional. Optional duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. +optional",
+          "description": "Optional. Duration in seconds the task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.",
           "format": "int64",
           "type": "string"
         },
         "volumes": {
-          "description": "Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional",
+          "description": "Optional. List of volumes that can be mounted by containers belonging to the task. More info: https://kubernetes.io/docs/concepts/storage/volumes",
           "items": {
             "$ref": "Volume"
           },
@@ -4339,16 +4340,16 @@
       "type": "object"
     },
     "TaskStatus": {
-      "description": "TaskStatus represents the status of a task of a job execution.",
+      "description": "TaskStatus represents the status of a task.",
       "id": "TaskStatus",
       "properties": {
         "completionTime": {
-          "description": "Optional. Represents time when the task was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional",
+          "description": "Optional. Represents time when the task was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.",
           "format": "google-datetime",
           "type": "string"
         },
         "conditions": {
-          "description": "Optional. The latest available observations of a task's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ +optional",
+          "description": "Optional. The latest available observations of a task's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/",
           "items": {
             "$ref": "GoogleCloudRunV1Condition"
           },
@@ -4361,24 +4362,24 @@
         },
         "lastAttemptResult": {
           "$ref": "TaskAttemptResult",
-          "description": "Optional. Result of the last attempt of this task. +optional"
+          "description": "Optional. Result of the last attempt of this task."
         },
         "logUri": {
           "description": "Optional. URI where logs for this task can be found in Cloud Console.",
           "type": "string"
         },
         "observedGeneration": {
-          "description": "Optional. The 'generation' of the execution that was last processed by the controller.",
+          "description": "Optional. The 'generation' of the task that was last processed by the controller.",
           "format": "int32",
           "type": "integer"
         },
         "retried": {
-          "description": "Optional. The number of times this task was retried. Instances are retried when they fail up to the maxRetries limit. +optional",
+          "description": "Optional. The number of times this task was retried. Instances are retried when they fail up to the maxRetries limit.",
           "format": "int32",
           "type": "integer"
         },
         "startTime": {
-          "description": "Optional. Represents time when the task started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. +optional",
+          "description": "Optional. Represents time when the task started to run. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.",
           "format": "google-datetime",
           "type": "string"
         }
@@ -4391,7 +4392,7 @@
       "properties": {
         "spec": {
           "$ref": "TaskSpec",
-          "description": "Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional"
+          "description": "Optional. Specification of the desired behavior of the task. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status"
         }
       },
       "type": "object"
@@ -4429,7 +4430,7 @@
       "id": "TrafficTarget",
       "properties": {
         "configurationName": {
-          "description": "ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the \"status.latestReadyRevisionName\" of the referenced configuration changes, we will automatically migrate traffic from the prior \"latest ready\" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.",
+          "description": "ConfigurationName of a configuration to whose latest revision which will be sent this portion of traffic. When the \"status.latestReadyRevisionName\" of the referenced configuration changes, traffic will automatically migrate from the prior \"latest ready\" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName.",
           "type": "string"
         },
         "latestRevision": {
@@ -4461,14 +4462,16 @@
       "id": "Volume",
       "properties": {
         "configMap": {
-          "$ref": "ConfigMapVolumeSource"
+          "$ref": "ConfigMapVolumeSource",
+          "description": "Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths."
         },
         "name": {
           "description": "Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved.",
           "type": "string"
         },
         "secret": {
-          "$ref": "SecretVolumeSource"
+          "$ref": "SecretVolumeSource",
+          "description": "The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secretName."
         }
       },
       "type": "object"
@@ -4478,19 +4481,19 @@
       "id": "VolumeMount",
       "properties": {
         "mountPath": {
-          "description": "Path within the container at which the volume should be mounted. Must not contain ':'.",
+          "description": "Required. Path within the container at which the volume should be mounted. Must not contain ':'.",
           "type": "string"
         },
         "name": {
-          "description": "The name of the volume. There must be a corresponding Volume with the same name.",
+          "description": "Required. The name of the volume. There must be a corresponding Volume with the same name.",
           "type": "string"
         },
         "readOnly": {
-          "description": "(Optional) Only true is accepted. Defaults to true.",
+          "description": "Only true is accepted for Secret Volumes. Defaults to true for Secrets Volumes.",
           "type": "boolean"
         },
         "subPath": {
-          "description": "(Optional) Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).",
+          "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).",
           "type": "string"
         }
       },
diff --git a/googleapiclient/discovery_cache/documents/run.v2.json b/googleapiclient/discovery_cache/documents/run.v2.json
index 2bc259f8111..f1f83738c83 100644
--- a/googleapiclient/discovery_cache/documents/run.v2.json
+++ b/googleapiclient/discovery_cache/documents/run.v2.json
@@ -1064,7 +1064,7 @@
       }
     }
   },
-  "revision": "20220807",
+  "revision": "20220814",
   "rootUrl": "https://run.googleapis.com/",
   "schemas": {
     "GoogleCloudRunV2BinaryAuthorization": {
diff --git a/googleapiclient/discovery_cache/documents/safebrowsing.v4.json b/googleapiclient/discovery_cache/documents/safebrowsing.v4.json
index 021cd07ec8c..9916b9d6163 100644
--- a/googleapiclient/discovery_cache/documents/safebrowsing.v4.json
+++ b/googleapiclient/discovery_cache/documents/safebrowsing.v4.json
@@ -261,7 +261,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220821",
   "rootUrl": "https://safebrowsing.googleapis.com/",
   "schemas": {
     "GoogleProtobufEmpty": {
diff --git a/googleapiclient/discovery_cache/documents/sasportal.v1alpha1.json b/googleapiclient/discovery_cache/documents/sasportal.v1alpha1.json
index 2f4f3378797..95bf8e44236 100644
--- a/googleapiclient/discovery_cache/documents/sasportal.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/sasportal.v1alpha1.json
@@ -2563,7 +2563,7 @@
       }
     }
   },
-  "revision": "20220727",
+  "revision": "20220815",
   "rootUrl": "https://sasportal.googleapis.com/",
   "schemas": {
     "SasPortalAssignment": {
diff --git a/googleapiclient/discovery_cache/documents/script.v1.json b/googleapiclient/discovery_cache/documents/script.v1.json
index f6135f7009c..360af6801b4 100644
--- a/googleapiclient/discovery_cache/documents/script.v1.json
+++ b/googleapiclient/discovery_cache/documents/script.v1.json
@@ -887,7 +887,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://script.googleapis.com/",
   "schemas": {
     "Content": {
diff --git a/googleapiclient/discovery_cache/documents/searchconsole.v1.json b/googleapiclient/discovery_cache/documents/searchconsole.v1.json
index 1890d8646f0..b249f37f7db 100644
--- a/googleapiclient/discovery_cache/documents/searchconsole.v1.json
+++ b/googleapiclient/discovery_cache/documents/searchconsole.v1.json
@@ -400,7 +400,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://searchconsole.googleapis.com/",
   "schemas": {
     "AmpInspectionResult": {
@@ -419,7 +419,7 @@
           "enumDescriptions": [
             "Unknown verdict.",
             "Equivalent to \"Valid\" for the page or item in Search Console.",
-            "Equivalent to \"Valid with warnings\" for the page or item in Search Console.",
+            "Reserved, no longer in use.",
             "Equivalent to \"Error\" or \"Invalid\" for the page or item in Search Console.",
             "Equivalent to \"Excluded\" for the page or item in Search Console."
           ],
@@ -515,7 +515,7 @@
           "enumDescriptions": [
             "Unknown verdict.",
             "Equivalent to \"Valid\" for the page or item in Search Console.",
-            "Equivalent to \"Valid with warnings\" for the page or item in Search Console.",
+            "Reserved, no longer in use.",
             "Equivalent to \"Error\" or \"Invalid\" for the page or item in Search Console.",
             "Equivalent to \"Excluded\" for the page or item in Search Console."
           ],
@@ -815,7 +815,7 @@
           "enumDescriptions": [
             "Unknown verdict.",
             "Equivalent to \"Valid\" for the page or item in Search Console.",
-            "Equivalent to \"Valid with warnings\" for the page or item in Search Console.",
+            "Reserved, no longer in use.",
             "Equivalent to \"Error\" or \"Invalid\" for the page or item in Search Console.",
             "Equivalent to \"Excluded\" for the page or item in Search Console."
           ],
@@ -924,7 +924,7 @@
           "enumDescriptions": [
             "Unknown verdict.",
             "Equivalent to \"Valid\" for the page or item in Search Console.",
-            "Equivalent to \"Valid with warnings\" for the page or item in Search Console.",
+            "Reserved, no longer in use.",
             "Equivalent to \"Error\" or \"Invalid\" for the page or item in Search Console.",
             "Equivalent to \"Excluded\" for the page or item in Search Console."
           ],
@@ -1014,7 +1014,7 @@
           "enumDescriptions": [
             "Unknown verdict.",
             "Equivalent to \"Valid\" for the page or item in Search Console.",
-            "Equivalent to \"Valid with warnings\" for the page or item in Search Console.",
+            "Reserved, no longer in use.",
             "Equivalent to \"Error\" or \"Invalid\" for the page or item in Search Console.",
             "Equivalent to \"Excluded\" for the page or item in Search Console."
           ],
diff --git a/googleapiclient/discovery_cache/documents/secretmanager.v1.json b/googleapiclient/discovery_cache/documents/secretmanager.v1.json
index c01c2cbf19c..0a0222baca9 100644
--- a/googleapiclient/discovery_cache/documents/secretmanager.v1.json
+++ b/googleapiclient/discovery_cache/documents/secretmanager.v1.json
@@ -643,7 +643,7 @@
       }
     }
   },
-  "revision": "20220729",
+  "revision": "20220812",
   "rootUrl": "https://secretmanager.googleapis.com/",
   "schemas": {
     "AccessSecretVersionResponse": {
@@ -752,7 +752,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
@@ -1061,6 +1061,13 @@
       "description": "A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.",
       "id": "Secret",
       "properties": {
+        "annotations": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB.",
+          "type": "object"
+        },
         "createTime": {
           "description": "Output only. The time at which the Secret was created.",
           "format": "google-datetime",
diff --git a/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json b/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json
index 428cf03534c..3791ef922cf 100644
--- a/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json
@@ -628,7 +628,7 @@
       }
     }
   },
-  "revision": "20220729",
+  "revision": "20220812",
   "rootUrl": "https://secretmanager.googleapis.com/",
   "schemas": {
     "AccessSecretVersionResponse": {
@@ -720,7 +720,7 @@
           "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
         },
         "members": {
-          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+          "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
           "items": {
             "type": "string"
           },
diff --git a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json
index 45cca13dce4..fd4b3859e42 100644
--- a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json
@@ -542,7 +542,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://serviceconsumermanagement.googleapis.com/",
   "schemas": {
     "AddTenantProjectRequest": {
@@ -1789,6 +1789,10 @@
       "description": "OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for \"Read-only access to Google Calendar\" and \"Access to Cloud Platform\". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions.",
       "id": "OAuthRequirements",
       "properties": {
+        "allowAnyScope": {
+          "description": "UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option. ",
+          "type": "boolean"
+        },
         "canonicalScopes": {
           "description": "The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json
index d77d8b1a263..a5e12502c19 100644
--- a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json
@@ -500,7 +500,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://serviceconsumermanagement.googleapis.com/",
   "schemas": {
     "Api": {
@@ -1623,6 +1623,10 @@
       "description": "OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for \"Read-only access to Google Calendar\" and \"Access to Cloud Platform\". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions.",
       "id": "OAuthRequirements",
       "properties": {
+        "allowAnyScope": {
+          "description": "UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option. ",
+          "type": "boolean"
+        },
         "canonicalScopes": {
           "description": "The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/servicecontrol.v1.json b/googleapiclient/discovery_cache/documents/servicecontrol.v1.json
index d82a9dd37a5..05e94c15828 100644
--- a/googleapiclient/discovery_cache/documents/servicecontrol.v1.json
+++ b/googleapiclient/discovery_cache/documents/servicecontrol.v1.json
@@ -197,7 +197,7 @@
       }
     }
   },
-  "revision": "20220729",
+  "revision": "20220805",
   "rootUrl": "https://servicecontrol.googleapis.com/",
   "schemas": {
     "AllocateInfo": {
diff --git a/googleapiclient/discovery_cache/documents/servicecontrol.v2.json b/googleapiclient/discovery_cache/documents/servicecontrol.v2.json
index dc3580d6553..5f86a5efa6a 100644
--- a/googleapiclient/discovery_cache/documents/servicecontrol.v2.json
+++ b/googleapiclient/discovery_cache/documents/servicecontrol.v2.json
@@ -169,7 +169,7 @@
       }
     }
   },
-  "revision": "20220729",
+  "revision": "20220805",
   "rootUrl": "https://servicecontrol.googleapis.com/",
   "schemas": {
     "Api": {
diff --git a/googleapiclient/discovery_cache/documents/servicedirectory.v1.json b/googleapiclient/discovery_cache/documents/servicedirectory.v1.json
index c774396c63f..4daa67b6cc7 100644
--- a/googleapiclient/discovery_cache/documents/servicedirectory.v1.json
+++ b/googleapiclient/discovery_cache/documents/servicedirectory.v1.json
@@ -883,7 +883,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220811",
   "rootUrl": "https://servicedirectory.googleapis.com/",
   "schemas": {
     "Binding": {
diff --git a/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json b/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json
index 82e81572844..5f2b6d2fb78 100644
--- a/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json
@@ -1059,7 +1059,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220811",
   "rootUrl": "https://servicedirectory.googleapis.com/",
   "schemas": {
     "Binding": {
diff --git a/googleapiclient/discovery_cache/documents/servicemanagement.v1.json b/googleapiclient/discovery_cache/documents/servicemanagement.v1.json
index 2ff0b7b8919..66a5b4cf41d 100644
--- a/googleapiclient/discovery_cache/documents/servicemanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/servicemanagement.v1.json
@@ -829,7 +829,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220822",
   "rootUrl": "https://servicemanagement.googleapis.com/",
   "schemas": {
     "Advice": {
@@ -2387,6 +2387,10 @@
       "description": "OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for \"Read-only access to Google Calendar\" and \"Access to Cloud Platform\". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions.",
       "id": "OAuthRequirements",
       "properties": {
+        "allowAnyScope": {
+          "description": "UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option. ",
+          "type": "boolean"
+        },
         "canonicalScopes": {
           "description": "The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/servicenetworking.v1.json b/googleapiclient/discovery_cache/documents/servicenetworking.v1.json
index 17066dc28ef..285971370f8 100644
--- a/googleapiclient/discovery_cache/documents/servicenetworking.v1.json
+++ b/googleapiclient/discovery_cache/documents/servicenetworking.v1.json
@@ -865,7 +865,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://servicenetworking.googleapis.com/",
   "schemas": {
     "AddDnsRecordSetMetadata": {
@@ -2519,6 +2519,10 @@
       "description": "OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for \"Read-only access to Google Calendar\" and \"Access to Cloud Platform\". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions.",
       "id": "OAuthRequirements",
       "properties": {
+        "allowAnyScope": {
+          "description": "UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option. ",
+          "type": "boolean"
+        },
         "canonicalScopes": {
           "description": "The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/servicenetworking.v1beta.json b/googleapiclient/discovery_cache/documents/servicenetworking.v1beta.json
index 21b6e4673af..1f0c735ebe2 100644
--- a/googleapiclient/discovery_cache/documents/servicenetworking.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/servicenetworking.v1beta.json
@@ -307,7 +307,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://servicenetworking.googleapis.com/",
   "schemas": {
     "AddDnsRecordSetMetadata": {
@@ -1777,6 +1777,10 @@
       "description": "OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for \"Read-only access to Google Calendar\" and \"Access to Cloud Platform\". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions.",
       "id": "OAuthRequirements",
       "properties": {
+        "allowAnyScope": {
+          "description": "UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option. ",
+          "type": "boolean"
+        },
         "canonicalScopes": {
           "description": "The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/serviceusage.v1.json b/googleapiclient/discovery_cache/documents/serviceusage.v1.json
index 1d4cdb61d37..8d3bfa50850 100644
--- a/googleapiclient/discovery_cache/documents/serviceusage.v1.json
+++ b/googleapiclient/discovery_cache/documents/serviceusage.v1.json
@@ -426,7 +426,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://serviceusage.googleapis.com/",
   "schemas": {
     "AdminQuotaPolicy": {
@@ -2153,6 +2153,10 @@
       "description": "OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for \"Read-only access to Google Calendar\" and \"Access to Cloud Platform\". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions.",
       "id": "OAuthRequirements",
       "properties": {
+        "allowAnyScope": {
+          "description": "UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option. ",
+          "type": "boolean"
+        },
         "canonicalScopes": {
           "description": "The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json b/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json
index 2d07a52b614..2805ed32911 100644
--- a/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json
@@ -959,7 +959,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://serviceusage.googleapis.com/",
   "schemas": {
     "AdminQuotaPolicy": {
@@ -2843,6 +2843,10 @@
       "description": "OAuth scopes are a way to define data and permissions on data. For example, there are scopes defined for \"Read-only access to Google Calendar\" and \"Access to Cloud Platform\". Users can consent to a scope for an application, giving it permission to access that data on their behalf. OAuth scope specifications should be fairly coarse grained; a user will need to see and understand the text description of what your scope means. In most cases: use one or at most two OAuth scopes for an entire family of products. If your product has multiple APIs, you should probably be sharing the OAuth scope across all of those APIs. When you need finer grained OAuth consent screens: talk with your product management about how developers will use them in practice. Please note that even though each of the canonical scopes is enough for a request to be accepted and passed to the backend, a request can still fail due to the backend requiring additional scopes or permissions.",
       "id": "OAuthRequirements",
       "properties": {
+        "allowAnyScope": {
+          "description": "UNIMPLEMENTED: If enabled, ESF will allow OAuth credentials with any scope, more details in http://go/esf-oauth-any-scope. WARNING: Enabling this option will bring security risks. Customers enabling this feature accidentally may have the risk of losing authentication enforcement. Please reach out to api-auth@ and esf-team@ for approval and allowlisting before you enable this option. ",
+          "type": "boolean"
+        },
         "canonicalScopes": {
           "description": "The list of publicly documented OAuth scopes that are allowed access. An OAuth token containing any of these scopes will be accepted. Example: canonical_scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.read",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/sheets.v4.json b/googleapiclient/discovery_cache/documents/sheets.v4.json
index 0a72452288d..470f4d1b3c1 100644
--- a/googleapiclient/discovery_cache/documents/sheets.v4.json
+++ b/googleapiclient/discovery_cache/documents/sheets.v4.json
@@ -870,7 +870,7 @@
       }
     }
   },
-  "revision": "20220804",
+  "revision": "20220816",
   "rootUrl": "https://sheets.googleapis.com/",
   "schemas": {
     "AddBandingRequest": {
diff --git a/googleapiclient/discovery_cache/documents/slides.v1.json b/googleapiclient/discovery_cache/documents/slides.v1.json
index 1a6e48e8252..1ecab84e6a7 100644
--- a/googleapiclient/discovery_cache/documents/slides.v1.json
+++ b/googleapiclient/discovery_cache/documents/slides.v1.json
@@ -313,7 +313,7 @@
       }
     }
   },
-  "revision": "20220802",
+  "revision": "20220818",
   "rootUrl": "https://slides.googleapis.com/",
   "schemas": {
     "AffineTransform": {
diff --git a/googleapiclient/discovery_cache/documents/smartdevicemanagement.v1.json b/googleapiclient/discovery_cache/documents/smartdevicemanagement.v1.json
index 7cb107f4d1e..c561279d75d 100644
--- a/googleapiclient/discovery_cache/documents/smartdevicemanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/smartdevicemanagement.v1.json
@@ -355,7 +355,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://smartdevicemanagement.googleapis.com/",
   "schemas": {
     "GoogleHomeEnterpriseSdmV1Device": {
diff --git a/googleapiclient/discovery_cache/documents/sourcerepo.v1.json b/googleapiclient/discovery_cache/documents/sourcerepo.v1.json
index 0b33d8f6a6d..03212b06c25 100644
--- a/googleapiclient/discovery_cache/documents/sourcerepo.v1.json
+++ b/googleapiclient/discovery_cache/documents/sourcerepo.v1.json
@@ -450,7 +450,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220815",
   "rootUrl": "https://sourcerepo.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/speech.v1.json b/googleapiclient/discovery_cache/documents/speech.v1.json
index 440b5caa570..372586d6955 100644
--- a/googleapiclient/discovery_cache/documents/speech.v1.json
+++ b/googleapiclient/discovery_cache/documents/speech.v1.json
@@ -524,7 +524,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220811",
   "rootUrl": "https://speech.googleapis.com/",
   "schemas": {
     "ClassItem": {
diff --git a/googleapiclient/discovery_cache/documents/speech.v1p1beta1.json b/googleapiclient/discovery_cache/documents/speech.v1p1beta1.json
index bca660555ca..07f77233a0c 100644
--- a/googleapiclient/discovery_cache/documents/speech.v1p1beta1.json
+++ b/googleapiclient/discovery_cache/documents/speech.v1p1beta1.json
@@ -524,7 +524,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220811",
   "rootUrl": "https://speech.googleapis.com/",
   "schemas": {
     "ClassItem": {
diff --git a/googleapiclient/discovery_cache/documents/storage.v1.json b/googleapiclient/discovery_cache/documents/storage.v1.json
index 584bab52c94..fc706cece1b 100644
--- a/googleapiclient/discovery_cache/documents/storage.v1.json
+++ b/googleapiclient/discovery_cache/documents/storage.v1.json
@@ -26,7 +26,7 @@
   "description": "Stores and retrieves potentially large, immutable data objects.",
   "discoveryVersion": "v1",
   "documentationLink": "https://developers.google.com/storage/docs/json_api/",
-  "etag": "\"3131343836313132353634323839343530393639\"",
+  "etag": "\"32373239383734313436393735363039393432\"",
   "icons": {
     "x16": "https://www.google.com/images/icons/product/cloud_storage-16.png",
     "x32": "https://www.google.com/images/icons/product/cloud_storage-32.png"
@@ -3005,7 +3005,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220816",
   "rootUrl": "https://storage.googleapis.com/",
   "schemas": {
     "Bucket": {
diff --git a/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json b/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json
index 2090bbe2f73..6f980f2286b 100644
--- a/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json
+++ b/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json
@@ -533,7 +533,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220817",
   "rootUrl": "https://streetviewpublish.googleapis.com/",
   "schemas": {
     "BatchDeletePhotosRequest": {
diff --git a/googleapiclient/discovery_cache/documents/sts.v1.json b/googleapiclient/discovery_cache/documents/sts.v1.json
index 89ccf98cbad..65e20dd47c4 100644
--- a/googleapiclient/discovery_cache/documents/sts.v1.json
+++ b/googleapiclient/discovery_cache/documents/sts.v1.json
@@ -131,7 +131,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://sts.googleapis.com/",
   "schemas": {
     "GoogleIamV1Binding": {
diff --git a/googleapiclient/discovery_cache/documents/sts.v1beta.json b/googleapiclient/discovery_cache/documents/sts.v1beta.json
index 12b65910eb5..1f26328bebd 100644
--- a/googleapiclient/discovery_cache/documents/sts.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/sts.v1beta.json
@@ -116,7 +116,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220812",
   "rootUrl": "https://sts.googleapis.com/",
   "schemas": {
     "GoogleIamV1Binding": {
diff --git a/googleapiclient/discovery_cache/documents/tagmanager.v1.json b/googleapiclient/discovery_cache/documents/tagmanager.v1.json
index 8311a84a099..edaa83e21d1 100644
--- a/googleapiclient/discovery_cache/documents/tagmanager.v1.json
+++ b/googleapiclient/discovery_cache/documents/tagmanager.v1.json
@@ -1932,7 +1932,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220817",
   "rootUrl": "https://tagmanager.googleapis.com/",
   "schemas": {
     "Account": {
diff --git a/googleapiclient/discovery_cache/documents/tagmanager.v2.json b/googleapiclient/discovery_cache/documents/tagmanager.v2.json
index 1d2cfa442e8..7a62ff8ef94 100644
--- a/googleapiclient/discovery_cache/documents/tagmanager.v2.json
+++ b/googleapiclient/discovery_cache/documents/tagmanager.v2.json
@@ -3317,7 +3317,7 @@
       }
     }
   },
-  "revision": "20220810",
+  "revision": "20220817",
   "rootUrl": "https://tagmanager.googleapis.com/",
   "schemas": {
     "Account": {
@@ -5584,13 +5584,6 @@
           "description": "User notes on how to apply this zone in the container.",
           "type": "string"
         },
-        "parameter": {
-          "description": "Additional parameters.",
-          "items": {
-            "$ref": "Parameter"
-          },
-          "type": "array"
-        },
         "path": {
           "description": "GTM Zone's API relative path.",
           "type": "string"
diff --git a/googleapiclient/discovery_cache/documents/tasks.v1.json b/googleapiclient/discovery_cache/documents/tasks.v1.json
index 8c168b0c537..0c8be4b9ca9 100644
--- a/googleapiclient/discovery_cache/documents/tasks.v1.json
+++ b/googleapiclient/discovery_cache/documents/tasks.v1.json
@@ -566,7 +566,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://tasks.googleapis.com/",
   "schemas": {
     "Task": {
diff --git a/googleapiclient/discovery_cache/documents/testing.v1.json b/googleapiclient/discovery_cache/documents/testing.v1.json
index d503197e919..4f1339a8ce2 100644
--- a/googleapiclient/discovery_cache/documents/testing.v1.json
+++ b/googleapiclient/discovery_cache/documents/testing.v1.json
@@ -282,7 +282,7 @@
       }
     }
   },
-  "revision": "20220806",
+  "revision": "20220808",
   "rootUrl": "https://testing.googleapis.com/",
   "schemas": {
     "Account": {
diff --git a/googleapiclient/discovery_cache/documents/texttospeech.v1.json b/googleapiclient/discovery_cache/documents/texttospeech.v1.json
index 0b6c9c1ddbc..e4953f0d8e0 100644
--- a/googleapiclient/discovery_cache/documents/texttospeech.v1.json
+++ b/googleapiclient/discovery_cache/documents/texttospeech.v1.json
@@ -153,7 +153,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220819",
   "rootUrl": "https://texttospeech.googleapis.com/",
   "schemas": {
     "AudioConfig": {
diff --git a/googleapiclient/discovery_cache/documents/texttospeech.v1beta1.json b/googleapiclient/discovery_cache/documents/texttospeech.v1beta1.json
index b02bb1f18f8..3c4b2a5612c 100644
--- a/googleapiclient/discovery_cache/documents/texttospeech.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/texttospeech.v1beta1.json
@@ -153,7 +153,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220819",
   "rootUrl": "https://texttospeech.googleapis.com/",
   "schemas": {
     "AudioConfig": {
diff --git a/googleapiclient/discovery_cache/documents/toolresults.v1beta3.json b/googleapiclient/discovery_cache/documents/toolresults.v1beta3.json
index 7b11df2c772..277261718c5 100644
--- a/googleapiclient/discovery_cache/documents/toolresults.v1beta3.json
+++ b/googleapiclient/discovery_cache/documents/toolresults.v1beta3.json
@@ -1463,7 +1463,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220822",
   "rootUrl": "https://toolresults.googleapis.com/",
   "schemas": {
     "ANR": {
diff --git a/googleapiclient/discovery_cache/documents/trafficdirector.v2.json b/googleapiclient/discovery_cache/documents/trafficdirector.v2.json
index 1e994977aff..8dc61a7fa56 100644
--- a/googleapiclient/discovery_cache/documents/trafficdirector.v2.json
+++ b/googleapiclient/discovery_cache/documents/trafficdirector.v2.json
@@ -128,7 +128,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220818",
   "rootUrl": "https://trafficdirector.googleapis.com/",
   "schemas": {
     "Address": {
diff --git a/googleapiclient/discovery_cache/documents/transcoder.v1.json b/googleapiclient/discovery_cache/documents/transcoder.v1.json
index bff240cd574..2f05d208e38 100644
--- a/googleapiclient/discovery_cache/documents/transcoder.v1.json
+++ b/googleapiclient/discovery_cache/documents/transcoder.v1.json
@@ -385,7 +385,7 @@
       }
     }
   },
-  "revision": "20220719",
+  "revision": "20220811",
   "rootUrl": "https://transcoder.googleapis.com/",
   "schemas": {
     "AdBreak": {
@@ -577,6 +577,25 @@
       },
       "type": "object"
     },
+    "BwdifConfig": {
+      "description": "Bob Weaver Deinterlacing Filter Configuration.",
+      "id": "BwdifConfig",
+      "properties": {
+        "deinterlaceAllFrames": {
+          "description": "Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.",
+          "type": "boolean"
+        },
+        "mode": {
+          "description": "Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field",
+          "type": "string"
+        },
+        "parity": {
+          "description": "The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "Color": {
       "description": "Color preprocessing configuration. **Note:** This configuration is not supported.",
       "id": "Color",
@@ -642,6 +661,21 @@
       },
       "type": "object"
     },
+    "Deinterlace": {
+      "description": "Deinterlace configuration for input video.",
+      "id": "Deinterlace",
+      "properties": {
+        "bwdif": {
+          "$ref": "BwdifConfig",
+          "description": "Specifies the Bob Weaver Deinterlacing Filter Configuration."
+        },
+        "yadif": {
+          "$ref": "YadifConfig",
+          "description": "Specifies the Yet Another Deinterlacing Filter Configuration."
+        }
+      },
+      "type": "object"
+    },
     "Denoise": {
       "description": "Denoise preprocessing configuration. **Note:** This configuration is not supported.",
       "id": "Denoise",
@@ -1325,6 +1359,10 @@
           "$ref": "Deblock",
           "description": "Deblock preprocessing configuration."
         },
+        "deinterlace": {
+          "$ref": "Deinterlace",
+          "description": "Specify the video deinterlace configuration."
+        },
         "denoise": {
           "$ref": "Denoise",
           "description": "Denoise preprocessing configuration."
@@ -1560,6 +1598,29 @@
         }
       },
       "type": "object"
+    },
+    "YadifConfig": {
+      "description": "Yet Another Deinterlacing Filter Configuration.",
+      "id": "YadifConfig",
+      "properties": {
+        "deinterlaceAllFrames": {
+          "description": "Deinterlace all frames rather than just the frames identified as interlaced. The default is `false`.",
+          "type": "boolean"
+        },
+        "disableSpatialInterlacing": {
+          "description": "Disable spacial interlacing. The default is `false`.",
+          "type": "boolean"
+        },
+        "mode": {
+          "description": "Specifies the deinterlacing mode to adopt. The default is `send_frame`. Supported values: - `send_frame`: Output one frame for each frame - `send_field`: Output one frame for each field",
+          "type": "string"
+        },
+        "parity": {
+          "description": "The picture field parity assumed for the input interlaced video. The default is `auto`. Supported values: - `tff`: Assume the top field is first - `bff`: Assume the bottom field is first - `auto`: Enable automatic detection of field parity",
+          "type": "string"
+        }
+      },
+      "type": "object"
     }
   },
   "servicePath": "",
diff --git a/googleapiclient/discovery_cache/documents/translate.v3.json b/googleapiclient/discovery_cache/documents/translate.v3.json
index 091849c48d4..029874002eb 100644
--- a/googleapiclient/discovery_cache/documents/translate.v3.json
+++ b/googleapiclient/discovery_cache/documents/translate.v3.json
@@ -931,7 +931,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220819",
   "rootUrl": "https://translation.googleapis.com/",
   "schemas": {
     "BatchDocumentInputConfig": {
diff --git a/googleapiclient/discovery_cache/documents/translate.v3beta1.json b/googleapiclient/discovery_cache/documents/translate.v3beta1.json
index db477a0caba..9c794a492da 100644
--- a/googleapiclient/discovery_cache/documents/translate.v3beta1.json
+++ b/googleapiclient/discovery_cache/documents/translate.v3beta1.json
@@ -744,7 +744,7 @@
       }
     }
   },
-  "revision": "20220805",
+  "revision": "20220819",
   "rootUrl": "https://translation.googleapis.com/",
   "schemas": {
     "BatchDocumentInputConfig": {
diff --git a/googleapiclient/discovery_cache/documents/versionhistory.v1.json b/googleapiclient/discovery_cache/documents/versionhistory.v1.json
index a831c7f984f..8ab63a03307 100644
--- a/googleapiclient/discovery_cache/documents/versionhistory.v1.json
+++ b/googleapiclient/discovery_cache/documents/versionhistory.v1.json
@@ -271,7 +271,7 @@
       }
     }
   },
-  "revision": "20220814",
+  "revision": "20220822",
   "rootUrl": "https://versionhistory.googleapis.com/",
   "schemas": {
     "Channel": {
diff --git a/googleapiclient/discovery_cache/documents/vmmigration.v1.json b/googleapiclient/discovery_cache/documents/vmmigration.v1.json
index 8ce4347dde1..b619e8aa631 100644
--- a/googleapiclient/discovery_cache/documents/vmmigration.v1.json
+++ b/googleapiclient/discovery_cache/documents/vmmigration.v1.json
@@ -1897,7 +1897,7 @@
       }
     }
   },
-  "revision": "20220803",
+  "revision": "20220811",
   "rootUrl": "https://vmmigration.googleapis.com/",
   "schemas": {
     "AddGroupMigrationRequest": {
@@ -2873,7 +2873,7 @@
       "id": "LocalizedMessage",
       "properties": {
         "locale": {
-          "description": "The locale used following the specification defined at http://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: \"en-US\", \"fr-CH\", \"es-MX\"",
+          "description": "The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: \"en-US\", \"fr-CH\", \"es-MX\"",
           "type": "string"
         },
         "message": {
diff --git a/googleapiclient/discovery_cache/documents/vmmigration.v1alpha1.json b/googleapiclient/discovery_cache/documents/vmmigration.v1alpha1.json
index 3b00a5a0501..1b2407bc265 100644
--- a/googleapiclient/discovery_cache/documents/vmmigration.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/vmmigration.v1alpha1.json
@@ -1897,7 +1897,7 @@
       }
     }
   },
-  "revision": "20220803",
+  "revision": "20220811",
   "rootUrl": "https://vmmigration.googleapis.com/",
   "schemas": {
     "AdaptingOSStep": {
@@ -3031,7 +3031,7 @@
       "id": "LocalizedMessage",
       "properties": {
         "locale": {
-          "description": "The locale used following the specification defined at http://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: \"en-US\", \"fr-CH\", \"es-MX\"",
+          "description": "The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: \"en-US\", \"fr-CH\", \"es-MX\"",
           "type": "string"
         },
         "message": {
diff --git a/googleapiclient/discovery_cache/documents/websecurityscanner.v1.json b/googleapiclient/discovery_cache/documents/websecurityscanner.v1.json
index 1f22d274167..8dcfceee67b 100644
--- a/googleapiclient/discovery_cache/documents/websecurityscanner.v1.json
+++ b/googleapiclient/discovery_cache/documents/websecurityscanner.v1.json
@@ -526,7 +526,7 @@
       }
     }
   },
-  "revision": "20220730",
+  "revision": "20220812",
   "rootUrl": "https://websecurityscanner.googleapis.com/",
   "schemas": {
     "Authentication": {
diff --git a/googleapiclient/discovery_cache/documents/websecurityscanner.v1alpha.json b/googleapiclient/discovery_cache/documents/websecurityscanner.v1alpha.json
index 6af37791013..8183f53b049 100644
--- a/googleapiclient/discovery_cache/documents/websecurityscanner.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/websecurityscanner.v1alpha.json
@@ -526,7 +526,7 @@
       }
     }
   },
-  "revision": "20220730",
+  "revision": "20220812",
   "rootUrl": "https://websecurityscanner.googleapis.com/",
   "schemas": {
     "Authentication": {
diff --git a/googleapiclient/discovery_cache/documents/websecurityscanner.v1beta.json b/googleapiclient/discovery_cache/documents/websecurityscanner.v1beta.json
index 147b140dd81..c775e4a1283 100644
--- a/googleapiclient/discovery_cache/documents/websecurityscanner.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/websecurityscanner.v1beta.json
@@ -526,7 +526,7 @@
       }
     }
   },
-  "revision": "20220730",
+  "revision": "20220812",
   "rootUrl": "https://websecurityscanner.googleapis.com/",
   "schemas": {
     "Authentication": {
diff --git a/googleapiclient/discovery_cache/documents/workflowexecutions.v1.json b/googleapiclient/discovery_cache/documents/workflowexecutions.v1.json
index f249df1273f..83c2a1c301b 100644
--- a/googleapiclient/discovery_cache/documents/workflowexecutions.v1.json
+++ b/googleapiclient/discovery_cache/documents/workflowexecutions.v1.json
@@ -299,7 +299,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220809",
   "rootUrl": "https://workflowexecutions.googleapis.com/",
   "schemas": {
     "CancelExecutionRequest": {
diff --git a/googleapiclient/discovery_cache/documents/workflowexecutions.v1beta.json b/googleapiclient/discovery_cache/documents/workflowexecutions.v1beta.json
index a8262832218..03cb49112cd 100644
--- a/googleapiclient/discovery_cache/documents/workflowexecutions.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/workflowexecutions.v1beta.json
@@ -269,7 +269,7 @@
       }
     }
   },
-  "revision": "20220808",
+  "revision": "20220809",
   "rootUrl": "https://workflowexecutions.googleapis.com/",
   "schemas": {
     "CancelExecutionRequest": {
diff --git a/googleapiclient/discovery_cache/documents/workflows.v1.json b/googleapiclient/discovery_cache/documents/workflows.v1.json
index 60f65ddbf69..bf8a7568f7b 100644
--- a/googleapiclient/discovery_cache/documents/workflows.v1.json
+++ b/googleapiclient/discovery_cache/documents/workflows.v1.json
@@ -444,7 +444,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220818",
   "rootUrl": "https://workflows.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/workflows.v1beta.json b/googleapiclient/discovery_cache/documents/workflows.v1beta.json
index 08f4951dc97..7a7f9bcbd4c 100644
--- a/googleapiclient/discovery_cache/documents/workflows.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/workflows.v1beta.json
@@ -444,7 +444,7 @@
       }
     }
   },
-  "revision": "20220728",
+  "revision": "20220811",
   "rootUrl": "https://workflows.googleapis.com/",
   "schemas": {
     "Empty": {
diff --git a/googleapiclient/discovery_cache/documents/youtube.v3.json b/googleapiclient/discovery_cache/documents/youtube.v3.json
index d4b98dff5c3..1a59bb35b61 100644
--- a/googleapiclient/discovery_cache/documents/youtube.v3.json
+++ b/googleapiclient/discovery_cache/documents/youtube.v3.json
@@ -3829,7 +3829,7 @@
       }
     }
   },
-  "revision": "20220813",
+  "revision": "20220821",
   "rootUrl": "https://youtube.googleapis.com/",
   "schemas": {
     "AbuseReport": {
diff --git a/googleapiclient/discovery_cache/documents/youtubeAnalytics.v2.json b/googleapiclient/discovery_cache/documents/youtubeAnalytics.v2.json
index 0d47e76d187..cb925120612 100644
--- a/googleapiclient/discovery_cache/documents/youtubeAnalytics.v2.json
+++ b/googleapiclient/discovery_cache/documents/youtubeAnalytics.v2.json
@@ -421,7 +421,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://youtubeanalytics.googleapis.com/",
   "schemas": {
     "EmptyResponse": {
diff --git a/googleapiclient/discovery_cache/documents/youtubereporting.v1.json b/googleapiclient/discovery_cache/documents/youtubereporting.v1.json
index ff9e04d397b..a1d21aa812d 100644
--- a/googleapiclient/discovery_cache/documents/youtubereporting.v1.json
+++ b/googleapiclient/discovery_cache/documents/youtubereporting.v1.json
@@ -411,7 +411,7 @@
       }
     }
   },
-  "revision": "20220812",
+  "revision": "20220819",
   "rootUrl": "https://youtubereporting.googleapis.com/",
   "schemas": {
     "Empty": {

From b45580bd531e63e0db30640d66247b2e27753342 Mon Sep 17 00:00:00 2001
From: "release-please[bot]"
 <55107282+release-please[bot]@users.noreply.github.com>
Date: Tue, 23 Aug 2022 10:01:39 -0400
Subject: [PATCH 3/3] chore(main): release 2.58.0 (#1880)

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
---
 CHANGELOG.md               | 35 +++++++++++++++++++++++++++++++++++
 googleapiclient/version.py |  2 +-
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 18336e729d2..709955e3cca 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,40 @@
 # Changelog
 
+## [2.58.0](https://github.com/googleapis/google-api-python-client/compare/v2.57.0...v2.58.0) (2022-08-23)
+
+
+### Features
+
+* **adsense:** update the api https://github.com/googleapis/google-api-python-client/commit/c4fe80ae2f6433bffee06c09f233ca46d54ae986 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **apigee:** update the api https://github.com/googleapis/google-api-python-client/commit/783a01cb3ee2785ffb6b3e598b1bddb21706c894 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **chromepolicy:** update the api https://github.com/googleapis/google-api-python-client/commit/dbd092e7fa9a3189b125a32c71d27e499ec005f8 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **cloudsearch:** update the api https://github.com/googleapis/google-api-python-client/commit/90f98d13d11db9a6e690df9c0310eb5094479e41 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **compute:** update the api https://github.com/googleapis/google-api-python-client/commit/187e71fdfe58d3b2833fc34a82b7eff2f4e4d467 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **dataflow:** update the api https://github.com/googleapis/google-api-python-client/commit/67081e018d953f95e81456ca5ab5dca4e3bdc42c ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **dataproc:** update the api https://github.com/googleapis/google-api-python-client/commit/f9b16e5ac6b1de335f5408c74c97901c2b40e889 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **dlp:** update the api https://github.com/googleapis/google-api-python-client/commit/d41a45060ba0f8e24ab25513c3ffcd84061013b6 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **documentai:** update the api https://github.com/googleapis/google-api-python-client/commit/072238b5d7586871069b7cf99f552a238e92d014 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **drive:** update the api https://github.com/googleapis/google-api-python-client/commit/380907f0e9d2c11eae684876fff6336eb0755c8d ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **firebase:** update the api https://github.com/googleapis/google-api-python-client/commit/ca27b614293c77f6901578ccc4cf8646b4d514c4 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **gkehub:** update the api https://github.com/googleapis/google-api-python-client/commit/82e05896571a953faf24453b236ee6b49455bd43 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **managedidentities:** update the api https://github.com/googleapis/google-api-python-client/commit/3e8252b8ad09c893153e7b91d0f5564597fbfd90 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **networkmanagement:** update the api https://github.com/googleapis/google-api-python-client/commit/425521b94a49febd11ba9375c538f14c62537faa ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **orgpolicy:** update the api https://github.com/googleapis/google-api-python-client/commit/c318440453b64108aca52b296b42c1dda04475e1 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **playintegrity:** update the api https://github.com/googleapis/google-api-python-client/commit/28a7dc83daaa8ce99bbf1d622c898826ee744a04 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **retail:** update the api https://github.com/googleapis/google-api-python-client/commit/e326c357d61376c64aee08d0630ed9b9f5bb61a1 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **secretmanager:** update the api https://github.com/googleapis/google-api-python-client/commit/956320a450d5b112b3c275fa8886f80f1e509631 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **serviceconsumermanagement:** update the api https://github.com/googleapis/google-api-python-client/commit/de8b5b13744fcf98c647fb5664a4e88fffca07f6 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **servicemanagement:** update the api https://github.com/googleapis/google-api-python-client/commit/dc2597a7d89b3f744b5c1b4476ffeafe960951bf ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **servicenetworking:** update the api https://github.com/googleapis/google-api-python-client/commit/104f2af0cc2d36d43da57c7545f3fcc8c7f1cb3d ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **serviceusage:** update the api https://github.com/googleapis/google-api-python-client/commit/903bea9ded70c8977785086cced79faf438c275c ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **tagmanager:** update the api https://github.com/googleapis/google-api-python-client/commit/27df08b5315c7cc38877aa898cb5fd3bd468fff1 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+* **transcoder:** update the api https://github.com/googleapis/google-api-python-client/commit/7bd32cedfbe5fd31360cfd4363e54d278946eacb ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+
+
+### Bug Fixes
+
+* **dfareporting:** update the api https://github.com/googleapis/google-api-python-client/commit/802b87692eb73c5df5df39b91c6b50d8ef94b7d5 ([5471a41](https://github.com/googleapis/google-api-python-client/commit/5471a4104c1642e6167180d0fbe0425cf93406b7))
+
 ## [2.57.0](https://github.com/googleapis/google-api-python-client/compare/v2.56.0...v2.57.0) (2022-08-16)
 
 
diff --git a/googleapiclient/version.py b/googleapiclient/version.py
index 723f6398ac8..f6cc9e8044f 100644
--- a/googleapiclient/version.py
+++ b/googleapiclient/version.py
@@ -12,4 +12,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-__version__ = "2.57.0"
+__version__ = "2.58.0"