| 12
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
 163
 164
 165
 166
 167
 168
 169
 170
 171
 172
 173
 174
 175
 176
 177
 178
 179
 180
 181
 182
 183
 184
 185
 186
 187
 188
 189
 190
 191
 192
 193
 194
 195
 196
 197
 198
 199
 200
 201
 202
 203
 204
 205
 206
 207
 208
 209
 210
 211
 212
 213
 214
 215
 216
 217
 218
 219
 220
 221
 222
 223
 224
 225
 226
 227
 228
 229
 230
 231
 232
 233
 234
 235
 236
 237
 238
 239
 240
 241
 242
 243
 244
 245
 246
 247
 248
 249
 250
 251
 252
 253
 254
 255
 256
 257
 258
 259
 260
 261
 262
 263
 264
 265
 266
 267
 268
 269
 270
 271
 272
 273
 274
 275
 276
 277
 278
 279
 280
 281
 282
 283
 284
 285
 286
 287
 288
 289
 290
 291
 292
 293
 294
 295
 296
 297
 298
 299
 300
 301
 302
 303
 304
 305
 306
 307
 308
 309
 310
 311
 312
 313
 314
 315
 316
 317
 318
 319
 320
 321
 322
 323
 324
 325
 326
 327
 328
 329
 330
 331
 332
 333
 334
 335
 336
 337
 338
 339
 340
 341
 342
 343
 344
 345
 346
 347
 348
 349
 350
 351
 352
 353
 354
 355
 356
 357
 358
 359
 360
 361
 362
 363
 364
 365
 366
 367
 368
 369
 370
 371
 372
 373
 374
 375
 376
 377
 378
 379
 380
 381
 382
 383
 384
 385
 386
 387
 388
 389
 390
 391
 392
 393
 394
 395
 396
 397
 398
 399
 400
 401
 402
 403
 404
 405
 406
 407
 408
 409
 410
 411
 412
 413
 414
 415
 416
 417
 418
 419
 420
 421
 422
 423
 424
 425
 426
 427
 428
 429
 430
 431
 432
 433
 434
 435
 436
 437
 438
 439
 440
 441
 442
 443
 444
 445
 446
 447
 448
 449
 450
 451
 452
 453
 454
 455
 456
 457
 458
 459
 460
 461
 462
 463
 464
 465
 466
 467
 468
 469
 470
 471
 472
 473
 474
 475
 476
 477
 478
 479
 480
 481
 482
 483
 484
 485
 486
 487
 488
 489
 490
 491
 492
 493
 494
 495
 496
 497
 498
 499
 500
 501
 502
 503
 504
 505
 506
 507
 508
 509
 510
 511
 512
 513
 514
 515
 516
 517
 518
 519
 520
 521
 522
 523
 524
 525
 526
 527
 528
 529
 530
 531
 532
 533
 534
 535
 536
 537
 538
 539
 540
 541
 542
 543
 544
 545
 546
 547
 548
 549
 550
 551
 552
 553
 554
 555
 556
 557
 558
 559
 560
 561
 562
 563
 564
 565
 566
 567
 568
 569
 570
 571
 572
 573
 574
 575
 576
 577
 578
 579
 580
 581
 582
 583
 584
 585
 586
 587
 588
 589
 590
 591
 592
 593
 594
 595
 596
 597
 598
 599
 600
 601
 602
 603
 604
 605
 606
 607
 608
 609
 610
 611
 612
 613
 614
 615
 616
 617
 618
 619
 620
 621
 622
 623
 624
 625
 626
 627
 628
 629
 630
 631
 632
 633
 634
 635
 636
 637
 638
 639
 640
 641
 642
 643
 644
 645
 646
 647
 648
 649
 650
 651
 652
 653
 654
 655
 656
 657
 658
 659
 660
 661
 662
 663
 664
 665
 666
 667
 668
 669
 670
 671
 672
 673
 674
 675
 676
 677
 678
 679
 680
 681
 682
 683
 684
 685
 686
 687
 688
 689
 690
 691
 692
 693
 694
 695
 696
 697
 698
 699
 700
 701
 702
 703
 704
 705
 706
 707
 708
 709
 710
 711
 712
 713
 714
 715
 716
 717
 718
 719
 720
 721
 722
 723
 724
 725
 726
 727
 728
 729
 730
 731
 732
 733
 734
 735
 736
 737
 738
 739
 740
 741
 742
 743
 744
 745
 746
 747
 748
 749
 750
 751
 752
 753
 754
 755
 756
 757
 758
 759
 760
 761
 762
 763
 764
 765
 766
 767
 768
 769
 770
 771
 772
 773
 774
 775
 776
 777
 778
 779
 780
 781
 782
 783
 784
 785
 786
 787
 788
 789
 790
 791
 792
 793
 794
 795
 796
 797
 798
 799
 800
 801
 802
 803
 804
 805
 
 | <html><body>
<style>
body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}
body {
  font-size: 13px;
  padding: 1em;
}
h1 {
  font-size: 26px;
  margin-bottom: 1em;
}
h2 {
  font-size: 24px;
  margin-bottom: 1em;
}
h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}
pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}
pre {
  margin-top: 0.5em;
}
h1, h2, h3, p {
  font-family: Arial, sans serif;
}
h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}
.toc_element {
  margin-top: 0.5em;
}
.firstline {
  margin-left: 2 em;
}
.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}
.details {
  font-weight: bold;
  font-size: 14px;
}
</style>
<h1><a href="compute_beta.html">Compute Engine API</a> . <a href="compute_beta.firewalls.html">firewalls</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#delete">delete(project, firewall, requestId=None)</a></code></p>
<p class="firstline">Deletes the specified firewall.</p>
<p class="toc_element">
  <code><a href="#get">get(project, firewall)</a></code></p>
<p class="firstline">Returns the specified firewall.</p>
<p class="toc_element">
  <code><a href="#insert">insert(project, body, requestId=None)</a></code></p>
<p class="firstline">Creates a firewall rule in the specified project using the data included in the request.</p>
<p class="toc_element">
  <code><a href="#list">list(project, orderBy=None, maxResults=None, pageToken=None, filter=None)</a></code></p>
<p class="firstline">Retrieves the list of firewall rules available to the specified project.</p>
<p class="toc_element">
  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
  <code><a href="#patch">patch(project, firewall, body, requestId=None)</a></code></p>
<p class="firstline">Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.</p>
<p class="toc_element">
  <code><a href="#testIamPermissions">testIamPermissions(project, resource, body)</a></code></p>
<p class="firstline">Returns permissions that a caller has on the specified resource.</p>
<p class="toc_element">
  <code><a href="#update">update(project, firewall, body, requestId=None)</a></code></p>
<p class="firstline">Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="delete">delete(project, firewall, requestId=None)</code>
  <pre>Deletes the specified firewall.
Args:
  project: string, Project ID for this request. (required)
  firewall: string, Name of the firewall rule to delete. (required)
  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
Returns:
  An object of the form:
    { # Represents an Operation resource.
      #
      # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
      #
      # Operations can be global, regional or zonal.
      # - For global operations, use the globalOperations resource.
      # - For regional operations, use the regionOperations resource.
      # - For zonal operations, use the zonalOperations resource.
      #
      # For more information, read  Global, Regional, and Zonal Resources. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)
    "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation of the target resource.
    "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
    "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
    "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
    "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only applicable when performing per-zone operations.
    "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
    "operationType": "A String", # [Output Only] The type of operation, such as insert, update, or delete, and so on.
    "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND.
    "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.
    "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.
    "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the operation.
    "status": "A String", # [Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.
    "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
    "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
      {
        "message": "A String", # [Output Only] A human-readable description of the warning code.
        "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
          {
            "value": "A String", # [Output Only] A warning data value corresponding to the key.
            "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
          },
        ],
      },
    ],
    "user": "A String", # [Output Only] User who requested the operation, for example: user@example.com.
    "startTime": "A String", # [Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.
    "kind": "compute#operation", # [Output Only] Type of the resource. Always compute#operation for Operation resources.
    "name": "A String", # [Output Only] Name of the resource.
    "region": "A String", # [Output Only] The URL of the region where the operation resides. Only applicable when performing regional operations.
    "error": { # [Output Only] If errors are generated during processing of the operation, this field will be populated.
      "errors": [ # [Output Only] The array of errors encountered while processing this operation.
        {
          "message": "A String", # [Output Only] An optional, human-readable error message.
          "code": "A String", # [Output Only] The error type identifier for this error.
          "location": "A String", # [Output Only] Indicates the field in the request that caused the error. This property is optional.
        },
      ],
    },
    "endTime": "A String", # [Output Only] The time that this operation was completed. This value is in RFC3339 text format.
    "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
    "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.
  }</pre>
</div>
<div class="method">
    <code class="details" id="get">get(project, firewall)</code>
  <pre>Returns the specified firewall.
Args:
  project: string, Project ID for this request. (required)
  firewall: string, Name of the firewall rule to return. (required)
Returns:
  An object of the form:
    { # Represents a Firewall Rule resource.
        #
        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
      "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
      "direction": "A String", # Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `INGRESS` traffic, you cannot specify the destinationRanges field, and for `EGRESS` traffic, you cannot specify the sourceRanges or sourceTags fields.
      "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
        "A String",
      ],
      "sourceServiceAccounts": [ # If source service accounts are specified, the firewall rules apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall applies to traffic that has a source IP address within the sourceRanges OR a source IP that belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both fields for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.
        "A String",
      ],
      "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
      "destinationRanges": [ # If destination ranges are specified, the firewall rule applies only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.
        "A String",
      ],
      "sourceTags": [ # If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both fields are set, the firewall applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the firewall to apply.
        "A String",
      ],
      "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
        {
          "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
              #
              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
            "A String",
          ],
        },
      ],
      "enableLogging": True or False, # Deprecated in favor of enable in LogConfig. This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
      "kind": "compute#firewall", # [Output Only] Type of the resource. Always compute#firewall for firewall rules.
      "logConfig": { # The available logging options for a firewall rule. # This field denotes the logging options for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
        "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
      },
      "disabled": True or False, # Denotes whether the firewall rule is disabled. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.
      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
          # global/networks/default
          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
          # - projects/myproject/global/networks/my-network
          # - global/networks/default
      "targetServiceAccounts": [ # A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.
        "A String",
      ],
      "targetTags": [ # A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.
        "A String",
      ],
      "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
        {
          "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
              #
              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
            "A String",
          ],
        },
      ],
      "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
      "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
      "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
    }</pre>
</div>
<div class="method">
    <code class="details" id="insert">insert(project, body, requestId=None)</code>
  <pre>Creates a firewall rule in the specified project using the data included in the request.
Args:
  project: string, Project ID for this request. (required)
  body: object, The request body. (required)
    The object takes the form of:
{ # Represents a Firewall Rule resource.
      # 
      # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
    "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
    "direction": "A String", # Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `INGRESS` traffic, you cannot specify the destinationRanges field, and for `EGRESS` traffic, you cannot specify the sourceRanges or sourceTags fields.
    "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
      "A String",
    ],
    "sourceServiceAccounts": [ # If source service accounts are specified, the firewall rules apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall applies to traffic that has a source IP address within the sourceRanges OR a source IP that belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both fields for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.
      "A String",
    ],
    "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
    "destinationRanges": [ # If destination ranges are specified, the firewall rule applies only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.
      "A String",
    ],
    "sourceTags": [ # If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both fields are set, the firewall applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the firewall to apply.
      "A String",
    ],
    "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
      {
        "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
            # 
            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
          "A String",
        ],
      },
    ],
    "enableLogging": True or False, # Deprecated in favor of enable in LogConfig. This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
    "kind": "compute#firewall", # [Output Only] Type of the resource. Always compute#firewall for firewall rules.
    "logConfig": { # The available logging options for a firewall rule. # This field denotes the logging options for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
      "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
    },
    "disabled": True or False, # Denotes whether the firewall rule is disabled. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.
    "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
        # global/networks/default
        # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
        # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
        # - projects/myproject/global/networks/my-network
        # - global/networks/default
    "targetServiceAccounts": [ # A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.
      "A String",
    ],
    "targetTags": [ # A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.
      "A String",
    ],
    "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
      {
        "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
            # 
            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
          "A String",
        ],
      },
    ],
    "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
    "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
    "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
    "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
  }
  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
Returns:
  An object of the form:
    { # Represents an Operation resource.
      #
      # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
      #
      # Operations can be global, regional or zonal.
      # - For global operations, use the globalOperations resource.
      # - For regional operations, use the regionOperations resource.
      # - For zonal operations, use the zonalOperations resource.
      #
      # For more information, read  Global, Regional, and Zonal Resources. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)
    "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation of the target resource.
    "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
    "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
    "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
    "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only applicable when performing per-zone operations.
    "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
    "operationType": "A String", # [Output Only] The type of operation, such as insert, update, or delete, and so on.
    "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND.
    "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.
    "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.
    "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the operation.
    "status": "A String", # [Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.
    "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
    "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
      {
        "message": "A String", # [Output Only] A human-readable description of the warning code.
        "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
          {
            "value": "A String", # [Output Only] A warning data value corresponding to the key.
            "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
          },
        ],
      },
    ],
    "user": "A String", # [Output Only] User who requested the operation, for example: user@example.com.
    "startTime": "A String", # [Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.
    "kind": "compute#operation", # [Output Only] Type of the resource. Always compute#operation for Operation resources.
    "name": "A String", # [Output Only] Name of the resource.
    "region": "A String", # [Output Only] The URL of the region where the operation resides. Only applicable when performing regional operations.
    "error": { # [Output Only] If errors are generated during processing of the operation, this field will be populated.
      "errors": [ # [Output Only] The array of errors encountered while processing this operation.
        {
          "message": "A String", # [Output Only] An optional, human-readable error message.
          "code": "A String", # [Output Only] The error type identifier for this error.
          "location": "A String", # [Output Only] Indicates the field in the request that caused the error. This property is optional.
        },
      ],
    },
    "endTime": "A String", # [Output Only] The time that this operation was completed. This value is in RFC3339 text format.
    "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
    "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.
  }</pre>
</div>
<div class="method">
    <code class="details" id="list">list(project, orderBy=None, maxResults=None, pageToken=None, filter=None)</code>
  <pre>Retrieves the list of firewall rules available to the specified project.
Args:
  project: string, Project ID for this request. (required)
  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
You can also sort results in descending order based on the creation timestamp using orderBy="creationTimestamp desc". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
Currently, only sorting by name or creationTimestamp desc is supported.
  maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)
  pageToken: string, Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.
  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either =, !=, >, or <.
For example, if you are filtering Compute Engine instances, you can exclude instances named example-instance by specifying name != example-instance.
You can also filter nested fields. For example, you could specify scheduling.automaticRestart = false to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
To filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake"). By default, each expression is an AND expression. However, you can include AND and OR expressions explicitly. For example, (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true).
Returns:
  An object of the form:
    { # Contains a list of firewalls.
    "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
    "kind": "compute#firewallList", # [Output Only] Type of resource. Always compute#firewallList for lists of firewalls.
    "items": [ # A list of Firewall resources.
      { # Represents a Firewall Rule resource.
            #
            # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
          "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
          "direction": "A String", # Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `INGRESS` traffic, you cannot specify the destinationRanges field, and for `EGRESS` traffic, you cannot specify the sourceRanges or sourceTags fields.
          "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
            "A String",
          ],
          "sourceServiceAccounts": [ # If source service accounts are specified, the firewall rules apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall applies to traffic that has a source IP address within the sourceRanges OR a source IP that belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both fields for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.
            "A String",
          ],
          "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
          "destinationRanges": [ # If destination ranges are specified, the firewall rule applies only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.
            "A String",
          ],
          "sourceTags": [ # If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both fields are set, the firewall applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the firewall to apply.
            "A String",
          ],
          "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
            {
              "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
                  #
                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                "A String",
              ],
            },
          ],
          "enableLogging": True or False, # Deprecated in favor of enable in LogConfig. This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
          "kind": "compute#firewall", # [Output Only] Type of the resource. Always compute#firewall for firewall rules.
          "logConfig": { # The available logging options for a firewall rule. # This field denotes the logging options for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
            "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
          },
          "disabled": True or False, # Denotes whether the firewall rule is disabled. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.
          "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
              # global/networks/default
              # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
              # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
              # - projects/myproject/global/networks/my-network
              # - global/networks/default
          "targetServiceAccounts": [ # A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.
            "A String",
          ],
          "targetTags": [ # A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.
            "A String",
          ],
          "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
            {
              "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
                  #
                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                "A String",
              ],
            },
          ],
          "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
          "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
          "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
          "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
        },
    ],
    "warning": { # [Output Only] Informational warning message.
      "message": "A String", # [Output Only] A human-readable description of the warning code.
      "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
        {
          "value": "A String", # [Output Only] A warning data value corresponding to the key.
          "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
        },
      ],
    },
    "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
    "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
  }</pre>
</div>
<div class="method">
    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
  <pre>Retrieves the next page of results.
Args:
  previous_request: The request for the previous page. (required)
  previous_response: The response from the request for the previous page. (required)
Returns:
  A request object that you can call 'execute()' on to request the next
  page. Returns None if there are no more items in the collection.
    </pre>
</div>
<div class="method">
    <code class="details" id="patch">patch(project, firewall, body, requestId=None)</code>
  <pre>Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
Args:
  project: string, Project ID for this request. (required)
  firewall: string, Name of the firewall rule to patch. (required)
  body: object, The request body. (required)
    The object takes the form of:
{ # Represents a Firewall Rule resource.
      # 
      # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
    "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
    "direction": "A String", # Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `INGRESS` traffic, you cannot specify the destinationRanges field, and for `EGRESS` traffic, you cannot specify the sourceRanges or sourceTags fields.
    "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
      "A String",
    ],
    "sourceServiceAccounts": [ # If source service accounts are specified, the firewall rules apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall applies to traffic that has a source IP address within the sourceRanges OR a source IP that belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both fields for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.
      "A String",
    ],
    "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
    "destinationRanges": [ # If destination ranges are specified, the firewall rule applies only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.
      "A String",
    ],
    "sourceTags": [ # If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both fields are set, the firewall applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the firewall to apply.
      "A String",
    ],
    "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
      {
        "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
            # 
            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
          "A String",
        ],
      },
    ],
    "enableLogging": True or False, # Deprecated in favor of enable in LogConfig. This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
    "kind": "compute#firewall", # [Output Only] Type of the resource. Always compute#firewall for firewall rules.
    "logConfig": { # The available logging options for a firewall rule. # This field denotes the logging options for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
      "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
    },
    "disabled": True or False, # Denotes whether the firewall rule is disabled. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.
    "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
        # global/networks/default
        # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
        # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
        # - projects/myproject/global/networks/my-network
        # - global/networks/default
    "targetServiceAccounts": [ # A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.
      "A String",
    ],
    "targetTags": [ # A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.
      "A String",
    ],
    "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
      {
        "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
            # 
            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
          "A String",
        ],
      },
    ],
    "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
    "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
    "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
    "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
  }
  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
Returns:
  An object of the form:
    { # Represents an Operation resource.
      #
      # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
      #
      # Operations can be global, regional or zonal.
      # - For global operations, use the globalOperations resource.
      # - For regional operations, use the regionOperations resource.
      # - For zonal operations, use the zonalOperations resource.
      #
      # For more information, read  Global, Regional, and Zonal Resources. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)
    "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation of the target resource.
    "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
    "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
    "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
    "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only applicable when performing per-zone operations.
    "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
    "operationType": "A String", # [Output Only] The type of operation, such as insert, update, or delete, and so on.
    "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND.
    "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.
    "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.
    "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the operation.
    "status": "A String", # [Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.
    "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
    "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
      {
        "message": "A String", # [Output Only] A human-readable description of the warning code.
        "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
          {
            "value": "A String", # [Output Only] A warning data value corresponding to the key.
            "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
          },
        ],
      },
    ],
    "user": "A String", # [Output Only] User who requested the operation, for example: user@example.com.
    "startTime": "A String", # [Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.
    "kind": "compute#operation", # [Output Only] Type of the resource. Always compute#operation for Operation resources.
    "name": "A String", # [Output Only] Name of the resource.
    "region": "A String", # [Output Only] The URL of the region where the operation resides. Only applicable when performing regional operations.
    "error": { # [Output Only] If errors are generated during processing of the operation, this field will be populated.
      "errors": [ # [Output Only] The array of errors encountered while processing this operation.
        {
          "message": "A String", # [Output Only] An optional, human-readable error message.
          "code": "A String", # [Output Only] The error type identifier for this error.
          "location": "A String", # [Output Only] Indicates the field in the request that caused the error. This property is optional.
        },
      ],
    },
    "endTime": "A String", # [Output Only] The time that this operation was completed. This value is in RFC3339 text format.
    "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
    "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.
  }</pre>
</div>
<div class="method">
    <code class="details" id="testIamPermissions">testIamPermissions(project, resource, body)</code>
  <pre>Returns permissions that a caller has on the specified resource.
Args:
  project: string, Project ID for this request. (required)
  resource: string, Name or id of the resource for this request. (required)
  body: object, The request body. (required)
    The object takes the form of:
{
    "permissions": [ # The set of permissions to check for the 'resource'. Permissions with wildcards (such as '*' or 'storage.*') are not allowed.
      "A String",
    ],
  }
Returns:
  An object of the form:
    {
    "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is allowed.
      "A String",
    ],
  }</pre>
</div>
<div class="method">
    <code class="details" id="update">update(project, firewall, body, requestId=None)</code>
  <pre>Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.
Args:
  project: string, Project ID for this request. (required)
  firewall: string, Name of the firewall rule to update. (required)
  body: object, The request body. (required)
    The object takes the form of:
{ # Represents a Firewall Rule resource.
      # 
      # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
    "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
    "direction": "A String", # Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `INGRESS` traffic, you cannot specify the destinationRanges field, and for `EGRESS` traffic, you cannot specify the sourceRanges or sourceTags fields.
    "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
      "A String",
    ],
    "sourceServiceAccounts": [ # If source service accounts are specified, the firewall rules apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall applies to traffic that has a source IP address within the sourceRanges OR a source IP that belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both fields for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.
      "A String",
    ],
    "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
    "destinationRanges": [ # If destination ranges are specified, the firewall rule applies only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.
      "A String",
    ],
    "sourceTags": [ # If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both fields are set, the firewall applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the firewall to apply.
      "A String",
    ],
    "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
      {
        "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
            # 
            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
          "A String",
        ],
      },
    ],
    "enableLogging": True or False, # Deprecated in favor of enable in LogConfig. This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
    "kind": "compute#firewall", # [Output Only] Type of the resource. Always compute#firewall for firewall rules.
    "logConfig": { # The available logging options for a firewall rule. # This field denotes the logging options for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.
      "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
    },
    "disabled": True or False, # Denotes whether the firewall rule is disabled. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.
    "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
        # global/networks/default
        # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
        # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
        # - projects/myproject/global/networks/my-network
        # - global/networks/default
    "targetServiceAccounts": [ # A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.
      "A String",
    ],
    "targetTags": [ # A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.
      "A String",
    ],
    "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
      {
        "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
            # 
            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
          "A String",
        ],
      },
    ],
    "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
    "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
    "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
    "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
  }
  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
Returns:
  An object of the form:
    { # Represents an Operation resource.
      #
      # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
      #
      # Operations can be global, regional or zonal.
      # - For global operations, use the globalOperations resource.
      # - For regional operations, use the regionOperations resource.
      # - For zonal operations, use the zonalOperations resource.
      #
      # For more information, read  Global, Regional, and Zonal Resources. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)
    "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation of the target resource.
    "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
    "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
    "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
    "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only applicable when performing per-zone operations.
    "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
    "operationType": "A String", # [Output Only] The type of operation, such as insert, update, or delete, and so on.
    "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND.
    "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.
    "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.
    "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the operation.
    "status": "A String", # [Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.
    "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
    "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
      {
        "message": "A String", # [Output Only] A human-readable description of the warning code.
        "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
          {
            "value": "A String", # [Output Only] A warning data value corresponding to the key.
            "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
          },
        ],
      },
    ],
    "user": "A String", # [Output Only] User who requested the operation, for example: user@example.com.
    "startTime": "A String", # [Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.
    "kind": "compute#operation", # [Output Only] Type of the resource. Always compute#operation for Operation resources.
    "name": "A String", # [Output Only] Name of the resource.
    "region": "A String", # [Output Only] The URL of the region where the operation resides. Only applicable when performing regional operations.
    "error": { # [Output Only] If errors are generated during processing of the operation, this field will be populated.
      "errors": [ # [Output Only] The array of errors encountered while processing this operation.
        {
          "message": "A String", # [Output Only] An optional, human-readable error message.
          "code": "A String", # [Output Only] The error type identifier for this error.
          "location": "A String", # [Output Only] Indicates the field in the request that caused the error. This property is optional.
        },
      ],
    },
    "endTime": "A String", # [Output Only] The time that this operation was completed. This value is in RFC3339 text format.
    "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
    "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.
  }</pre>
</div>
</body></html>
 |