Represents the aggregation level and interval for pricing of a single SKU.
Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices
and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { “audit_configs”: [ { “service”: “allServices”, “audit_log_configs”: [ { “log_type”: “DATA_READ”, “exempted_members”: [ “user:jose@example.com” ] }, { “log_type”: “DATA_WRITE” }, { “log_type”: “ADMIN_READ” } ] }, { “service”: “sampleservice.googleapis.com”, “audit_log_configs”: [ { “log_type”: “DATA_READ” }, { “log_type”: “DATA_WRITE”, “exempted_members”: [ “user:aliya@example.com” ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com
from DATA_READ logging, and aliya@example.com
from DATA_WRITE logging.
Provides the configuration for logging a type of permissions. Example: { “audit_log_configs”: [ { “log_type”: “DATA_READ”, “exempted_members”: [ “user:jose@example.com” ] }, { “log_type”: “DATA_WRITE” } ] } This enables ‘DATA_READ’ and ‘DATA_WRITE’ logging, while exempting jose@example.com from DATA_READ logging.
A billing account in the
Google Cloud Console. You can assign a billing account to one or more projects.
Gets the access control policy for a billing account. The caller must have the
billing.accounts.getIamPolicy
permission on the account, which is often given to billing account
viewers.
Lists the billing accounts that the current authenticated user has permission to
view.
A builder providing access to all methods supported on
billingAccount resources.
It is not used directly, but through the
Cloudbilling
hub.
Changes which parent organization a billing account belongs to.
Updates a billing account’s fields. Currently the only field that can be edited is
display_name
. The current authenticated user must have the
billing.accounts.update
IAM permission, which is typically given to the
administrator of the billing account.
Lists the projects associated with a billing account. The current authenticated user must have the
billing.resourceAssociations.list
IAM permission, which is often given to billing account
viewers.
Sets the access control policy for a billing account. Replaces any existing policy. The caller must have the
billing.accounts.setIamPolicy
permission on the account, which is often given to billing account
administrators.
Lists the billing accounts that the current authenticated user has permission to
view.
Tests the access control policy for a billing account. This method takes the resource and a set of permissions as input and returns the subset of the input permissions that the caller is allowed for that resource.
Associates members
, or principals, with a role
.
Represents the category hierarchy of a SKU.
Central instance to access all Cloudbilling related resource activities
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: “Summary size limit” description: “Determines if a summary is less than 100 chars” expression: “document.summary.size() < 100” Example (Equality): title: “Requestor is owner” description: “Determines if requestor is the document owner” expression: “document.owner == request.auth.claims.email” Example (Logic): title: “Public documents” description: “Determine whether the document should be publicly visible” expression: “document.type != ‘private’ && document.type != ‘internal’” Example (Data Manipulation): title: “Notification string” description: “Create a notification string with a timestamp.” expression: “’New message received at ’ + string(document.create_time)” The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
Encapsulates the geographic taxonomy data for a sku.
Response message for ListBillingAccounts
.
Request message for ListProjectBillingInfoResponse
.
Response message for ListServices
.
Response message for ListSkus
.
Represents an amount of money with its currency type.
Request message for MoveBillingAccount
RPC.
Lists the billing accounts that the current authenticated user has permission to
view.
Changes which parent organization a billing account belongs to.
A builder providing access to all methods supported on
organization resources.
It is not used directly, but through the
Cloudbilling
hub.
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A
Policy
is a collection of
bindings
. A
binding
binds one or more
members
, or principals, to a single
role
. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A
role
is a named list of permissions; each
role
can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a
binding
can also specify a
condition
, which is a logical expression that allows access to a resource only if the expression evaluates to
true
. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the
IAM documentation.
JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3
For a description of IAM and its features, see the
IAM documentation.
Expresses a mathematical pricing formula. For Example:- usage_unit: GBy
tiered_rates:
[start_usage_amount: 20, unit_price: $10]
[start_usage_amount: 100, unit_price: $5]
The above expresses a pricing formula where the first 20GB is free, the next 80GB is priced at $10 per GB followed by $5 per GB for additional usage.
Represents the pricing information for a SKU at a single point of time.
Encapsulation of billing information for a Google Cloud Console project. A project has at most one associated billing account at a time (but a billing account can be assigned to multiple projects).
Gets the billing information for a project. The current authenticated user must have the
resourcemanager.projects.get
permission for the project, which can be granted by assigning the
Project Viewer role.
A builder providing access to all methods supported on
project resources.
It is not used directly, but through the
Cloudbilling
hub.
Sets or updates the billing account associated with a project. You specify the new billing account by setting the
billing_account_name
in the
ProjectBillingInfo
resource to the resource name of a billing account. Associating a project with an open billing account enables billing on the project and allows charges for resource usage. If the project already had a billing account, this method changes the billing account used for resource usage charges.
Note: Incurred charges that have not yet been reported in the transaction history of the Google Cloud Console might be billed to the new billing account, even if the charge occurred before the new billing account was assigned to the project. The current authenticated user must have ownership privileges for both the
project and the
billing account. You can disable billing on the project by setting the
billing_account_name
field to empty. This action disassociates the current billing account from the project. Any billable activity of your in-use services will stop, and your application could stop functioning as expected. Any unbilled charges to date will be billed to the previously associated account. The current authenticated user must be either an owner of the project or an owner of the billing account for the project. Note that associating a project with a
closed billing account will have much the same effect as disabling billing on the project: any paid resources used by the project will be shut down. Thus, unless you wish to disable billing, you should always call this method with the name of an
open billing account.
Encapsulates a single service in Google Cloud Platform.
Lists all public cloud services.
A builder providing access to all methods supported on
service resources.
It is not used directly, but through the
Cloudbilling
hub.
Lists all publicly available SKUs for a given cloud service.
Request message for SetIamPolicy
method.
Encapsulates a single SKU in Google Cloud Platform
Request message for TestIamPermissions
method.
Response message for TestIamPermissions
method.
The price rate indicating starting usage and its corresponding price.